Professional Documents
Culture Documents
This document has been produced without formal United Nations editing. The
designations employed and the presentation of the material in this document do
not
imply the expression of any opinion whatsoever on the part of the Secretariat of
the
United Nations Industrial Development Organization (UNIDO) concerning the legal
status of any country, territory, city or area or of its authorities, or concerning the
delimitation of its frontiers or boundaries, or its economic system or degree of
development. Designations such as developed, industrialized and developing
are
intended for statistical convenience and do not necessarily express a judgment
about the
stage reached by a particular country or area in the development process. Mention
of
firm names or commercial products does not constitute an endorsement by UNIDO.
iv
v
Contents
Foreword .....................................................................................................................
.................. iii
Preface ........................................................................................................................
.................... x
Acknowledgements......................................................................................................
................ xi
Acronyms .....................................................................................................................
................ xii
1.
Introduction..................................................................................................................
............. 1
1.1 History and status of ISO
17025:2005 ..............................................................................................1
1.2 International recognition of
accreditation................................................................................................2
1.3 Selection of a suitable accreditation body by
laboratories.........................................................................3
1.4 Scope of
accreditation...........................................................................................................................3
1.5 Relationship between ISO 17025 and ISO
9001 ................................................................................4
1.6
Summary....................................................................................................................................
........5
2.1 General
points ....................................................................................................................................6
2.2 Legal identity of laboratory
[4.1.1].......................................................................................................6
2.3 Body allocating resources
[4.1.5]...........................................................................................................7
2.4 Technical management
[4.1.5] .............................................................................................................7
2.5 Quality manager
[4.1.5]......................................................................................................................7
2.6 Deputies
[4.1.5].................................................................................................................................9
2.7 Other posts
[4.1.5].............................................................................................................................9
2.8 Qualifications and job descriptions
[5.2.4]..........................................................................................10
2.9 Influences, confidentiality and independence [4.1.4,
4.1.5]...................................................................10
3.1 Key
questions ..................................................................................................................................
..12
5. Personnel
[5.2]..........................................................................................................................
31
5.1 Key
questions ..................................................................................................................................
..31
5.2 Staff records
[5.2.5]..........................................................................................................................31
5.3 Staff training and assessment of competence [5.2.1,
5.2.2] ..................................................................33
5.4 Re-assessment of training and competence [5.2.1,
5.2.2]......................................................................34
5.5 Training policy and review of training needs
[5.2.2] ............................................................................35
5.6 Action when employees
leave...............................................................................................................36
5.7 Other entries in the staff
records..........................................................................................................36
7. Test and calibration methods, method validation and quality control [5.4,
5.9]............ 42
7.1 Key
questions ..................................................................................................................................
..42
7.2 Choice of method [5.4.2, 5.4.3,
5.4.4]...............................................................................................42
7.3 Review of requests, tenders and contracts
[4.4] ....................................................................................43
vii
8. Equipment
[5.5] ....................................................................................................................... 59
8.1 Key
questions ..................................................................................................................................
..59
8.2 Equipment records
[5.5.5].................................................................................................................59
8.3 Commissioning of new equipment
[5.5.2]............................................................................................59
8.4 Service and calibration schedule
[5.5.2] ..............................................................................................60
8.5 Responsible
persons ............................................................................................................................61
8.6 Routine operation of the equipment log
[5.5.5]....................................................................................61
8.7 Other components of the equipment log
[5.5.5]....................................................................................61
8.8 Smaller items of
equipment.................................................................................................................61
8.9 Equipment labelling and sealing [5.5.4,
5.5.12] ................................................................................61
8.10 Equipment in use before formal records are
implemented....................................................................62
9. Traceability of measurement
[5.6] ......................................................................................... 63
9.1 Key
questions ..................................................................................................................................
..63
9.2 Meaning of
traceability......................................................................................................................63
9.3 Acceptability of calibrations to accreditation
bodies ..............................................................................64
9.4 Measurements not traceable to si
units ................................................................................................65
9.5 Some other calibration
issues ..............................................................................................................66
12. Computer
systems ................................................................................................................. 75
12.1 Key
questions..................................................................................................................................
75
12.2 General
issues.................................................................................................................................75
12.3 Control of
software..........................................................................................................................75
12.4 Computer
networks.........................................................................................................................76
12.5 Computer systems managed by other
departments ..............................................................................76
14.4 Inspection
[4.6.2] ............................................................................................................................87
14.5 Administration
[4.6.4]....................................................................................................................87
14.6 Starting up the approved suppliers
list...............................................................................................88
14.7 Operating within a tendering
system..................................................................................................88
15. Sub-contracting
[4.5] ............................................................................................................. 89
15.1 Key
questions..................................................................................................................................
89
15.2 Requirements [4.5.3,
4.5.2] ............................................................................................................89
15.3
Administration............................................................................................................................
...90
Bibliography ................................................................................................................
................. 98
Appendix: Selfexamination .....................................................................................................100
x
Preface
Complying with ISO 17025 is a guidebook written to assist testing and calibration
laboratories set up a quality management system that conforms to ISO
17025:2005, the
international standard for laboratory quality systems. Compliance with this
standard
provides a globally accepted basis for laboratory accreditation. The standard
specifies the
management and technical requirements to be met by testing and calibration
laboratories
in both their organisation and their management of quality. Complying with ISO
17025 will
enable laboratories to identify where their current operations meet the
requirements of
ISO 17025 and, in those areas where they do not, it will guide them in developing
systems to achieve such compliance.
The guidebooks coverage of the requirements of the standard is comprehensive
and
detailed, and its guidelines on implementing systems and procedures to meet these
requirements are practical, specific and clearly linked, item by item, to the detailed
specifications of the standard, with numbers in square brackets after each subheading
cross-referring to the relevant sections in the standard.
Chapter 1 gives a history of the development of ISO 17025, its relevance to
laboratory
accreditation and its relationship with other standards. The following fifteen
chapters
then cover everything related to compliance with the standard. This ranges from
guidelines in Chapter 2 on how to write a correct description of the legal status of
the
laboratory, its ownership and its relationship to any parent or subsidiary
organisations,
and, in Chapter 3, on how to maintain appropriate accommodation and
environmental
conditions to dealing with sub-contracting issues in Chapter 15 and how to write a
quality manual in Chapter 16. A full overview can be found in the Contents pages.
Complying with ISO 17025 aims to engage its users in addressing compliance
issues in the
concrete reality of their own laboratory. Most chapters begin with a set of key
questions
to help users focus on specific areas covered in that chapter where they may not
be in
compliance with the standard. The Appendix then presents a self-examination
questionnaire with the kind of questions that they should ask themselves in making
a
comprehensive assessment of how compliant they are with ISO 17025 and, most
importantly, how ready they are to seek accreditation.
xii
Acronyms
Acknowledgements
Complying with ISO 17025 is published by the United Nations Industrial
Development
Organisation (UNIDO). It was developed under the auspices of the Trade
Capacitybuilding
Branch of UNIDO, led by Mr. Lalith Goonatilake, Director, and was
coordinated by Mr. Ouseph Padickakudi, Programme Manager, Trade Capacitybuilding
Branch, UNIDO.
The book was written by Dr. Alan G Rowley, Fellow of the Royal Society of
Chemistry
and Principal of Alan Rowley Associates, who has over twenty-five years
experience in
providing consultancy services to industry and the public sector on laboratory
management, quality systems, analytical chemistry, laboratory testing for
regulatory
control, laboratory testing for conformity assessment and environmental
monitoring. Dr
Rowley has worked with a wide range of clients in many countries. These include
the
United Kingdom of Great Britain and Northern Ireland, Ireland, the Democratic
Socialist Republic of Sri Lanka, the Republic of Mauritius, the Islamic Republic of
Pakistan, the Peoples Republic of Bangladesh, the Russian Federation, Ukraine,
the
Republic of Hungary, the French Republic, the Kingdom of Belgium, the United
States
of America, the Federal Democratic Republic of Ethiopia, the Kingdom of Saudi
Arabia,
the Kingdom of Norway, the former Yugoslav Republic of Macedonia, the Socialist
Republic of Viet Nam, the Kingdom of Cambodia, the Federal Democratic Republic
of
Nepal, the Republic of Maldives and the Republic of Trinidad and Tobago.
Dr. Rowley is an expert on ISO 17025, ISO 9001, the United Kingdom
Environmental
Agency laboratory recognition (MCERTS), ISO 15189 (medical laboratory
accreditation),
and ISO 17011 (the quality standard for laboratory-accrediting bodies).
The text was edited by Mr. Malachy Scullion, UNIDO consultant editor.
Page 1
1. Introduction
1.1 History and status of ISO 17025:2005
Prior to the issuing of ISO 17025:1999 there was no internationally accepted
standard for
laboratory quality systems that could provide a globally accepted basis for
accreditation.
Accreditation was based on national standards. However, there was a considerable
level
of uniformity between the requirements expressed in these various standards due
to the
existence of ISO Guide 25, a document drawn up by the ISO Council Committee on
Conformity Assessment (CASCO) in response to a request by the International
Laboratory Accreditation Cooperation (ILAC) held in Auckland, New Zealand, in
October 1988.
The declared purpose of ISO Guide 25, taken from its foreword, is to establish the
principle that "third party certification systems [for laboratories] should, to the
extent
possible, be based on internationally agreed standards and procedures". ISO
guides are
intended to be used by local standards institutions when preparing their own
national
standards. By this means, it is hoped to achieve a high degree of compatibility
between
standards prepared in different countries "so as to facilitate bilateral and
multilateral
agreements". (Quotations from the foreword to ISO Guide 25, 3rd Edition.)
The document now known as ISO 17025 began life as a revision of the third edition
of
ISO Guide 25, but during the revision process it was decided to convert the guide
to a
standard, so providing a truly global basis for accreditation. It was also decided to
introduce as much compatibility as possible between ISO 17025 and the generic
quality
management system standard ISO 9001, which was also under revision at the
same time.
The objective appears to have been to create a logical connection between ISO
9001 and
ISO 17025 such that the former would be seen as a master standard with ISO
17025
being a specific application of that standard to testing and calibration laboratories.
ISO 17025: 1999 was accepted by ISO subscribing countries in late 1999 and came
into
effective use during the first quarter of 2000 after its adoption as a national
standard by
most countries around the world. The new version of ISO 9001, the 2000 edition,
was
accepted at a later date.
The exercise intended to harmonise ISO 17025 and ISO 9001 was, in the event,
regarded
as imperfect, especially in that ISO 9001 placed great emphasis on continual
improvement in the quality system. Although this was included in ISO 17025, its
importance as a part of the standard was not strongly emphasised. Hence a
revision of
ISO 17025 was undertaken and this led to ISO 17025:2005 which was adopted as
an ISO
standard in late May of 2005.
There are no fundamental differences between ISO 17025:1999 and ISO
17025:2005 and
nothing which impinges essentially on the technical requirements. The main
differences
can be summed up as follows: Insistence on a demonstrated commitment to continually improve the quality
management system and identified mechanisms for achieving this.
Greater emphasis of the need to communicate with customers and, especially, to
actively solicit feedback on service quality and ensure the resulting information is
used as the basis of action to improve the management system.
Greater emphasis of the need to use information from quality control data to
evaluate the performance of the quality system and to identify opportunities for
improvement.
Page 2
The transitional period between ISO 17025:1999 and ISO 17025:2005 lasted two
years,
with the two standards running together. In May 2007 ISO 17025:1999 became
defunct
and existing laboratories who had not been assessed against the 2005 version
ceased to
be accredited.
rather cumbersome and it can take many years for a new national body to establish
significant international recognition. However, this rather cumbersome process is
being
rapidly streamlined by means of regional laboratory accreditation conferences
linked
through ILAC (see section 1.1). The regional body applies rules for membership,
including compliance with ISO 17011, and audits national bodies for compliance.
Mutual
recognition is then organised between the regional bodies, so simplifying the
whole
system and shortening the timescale.
Key regional groupings are the Asia Pacific Accreditation Cooperation (APLAC), the
European Cooperation for Accreditation of Laboratories (EAL) and the Southern
Africa
Development Community in Accreditation (SADCA).
This regionalisation of international recognition is developing rapidly but has not
been
fully established, and it is still possible to find accreditation bodies who are
members of
regional groups who prefer to pick and choose which of the other members they
will
recognise.
In this context of national accreditation bodies and mutual recognition it has to be
noted
that not all countries choose to establish their own domestic accreditation service.
In the
case of smaller countries with only limited numbers of laboratories, this may make
little
economic sense. In such instances the country uses other national bodies, either on
the
basis of an agreement with a particular body to provide the service to the country
or on
an ad hoc basis where each laboratory chooses its own accreditation service.
Currently attempts are being made to develop arrangements where several
countries club
together to have a single regional accreditation body. It seems likely that initiatives
of this
type will bear fruit in southern Africa.
Page 3
The recent World Trade Organisation initiatives to deal with technical barriers to
trade
have sought to address the question of global acceptance of test data as part of
quality
issues in international trade. The agreement can be summarised as a recognition
that,
when deciding whether data from a particular laboratory is acceptable, a key
criterion
should be compliance of the laboratory with ISO 17025. This has been widely
interpreted as meaning that countries all need to establish a national ISO 17025
accreditation body for laboratories. However, in this context, the following points
need
to be noted: Accreditation must have credibility, which means, in practice, that the
accreditation
body must apply ISO 17025 rigorously and itself operate to ISO 17011. Simply
having an accreditation body is not, in itself, a solution.
The credibility of the accreditation body on an international scale needs MRAs,
especially with countries which are recipients of trade goods needing testing
support.
The credibility of individual laboratories can be established by their direct
assessment
by either customers or accreditation bodies from trading partners. A national
accreditation body is not essential.
The laboratory will need to select methods to offer as part of the scope when it
makes its
application for accreditation. The following criteria should be born in mind: Methods which are performed infrequently, for example less than 12 times per
annum, are difficult to accredit since it is impossible to demonstrate a track record
of
performance. If such methods have to be included in the accreditation, a large
level
of quality control will be required by the assessors.
Methods with little objective content are unlikely to be able to be accredited
since
consistency in application cannot be guaranteed.
Page 4
ISO 17025 assessment bodies will always use technical assessors who are
specialists and
who carry out a peer review of the methods being used by the laboratory and the
way in
which those methods are applied. An ISO 9001 external audit to determine
suitability for
certification does not include this peer review of technical aspects and the auditors
are
not required to be technical specialists. They confine their attention to the quality
management system.
From the point of view of a laboratorys clients, laboratories meeting the
requirements of
ISO 17025 fulfil all the relevant requirements of ISO 9001 when acting as
subcontractors.
The practical effect of this is that if an organisation which is certified to ISO
9001 is using an ISO 17025 accredited laboratory as a sub-contractor, it can treat
it as an
ISO 9001 certified sub-contractor for any work within the laboratorys scope of ISO
17025 accreditation. There will, for example, be no necessity to carry out quality
audits of
the sub-contractor.
1.6 Summary
The general view to be taken of these various guides and standards is that ISO
9001 is
the overall standard for quality management systems and ISO 17025 provides
specific
guidance on the application of the ISO 9001 principles to laboratories. This
correspondence is becoming increasingly apparent with the development of both
standards, especially as the language and terminology is converging.
When seeking to select or establish an accreditation body for laboratories, the key
standard is ISO 17011 which is the basis on which international acceptance of an
accreditation body, and hence its client laboratories, is achieved.
Page 6
senior staff with specific responsibilities, but to retain other job descriptions in a
separate
file or in staff record files.
Be sure that responsibilities and authority match each other at all levels. There is
no point
in stating that someone has the responsibility for organising interlaboratory
calibrations,
for example if they do not have the authority to require staff to do the necessary
work
and to sanction appropriate expenditure.
The following sections give guidance on the important points to be considered
when
defining the management structure.
endorsed from the highest level in the organisation, the laboratory staff may then
rely
upon this stated policy to protect them from any undue influences.
Page 7
responsibility by supervision of the technical staff. This does not necessarily mean
direct
supervision but will typically involve explaining how instructions are passed down
to the
bench and how data is passed back and checked.
A key component of this responsibility is likely to come with the involvement of
professional staff in interaction with customers of the laboratory through the
process of
review of requests, contracts and tenderssee section 7.3.
Much of the work required of the quality manager is administrative in nature but
he or
she is also, in the last analysis, responsible for the effective enforcement of the
quality
policy. He or she is also expected to advise management on quality issues by virtue
of his
or her close familiarity with the standard and the organisations quality
management
system.
The quality manager must have direct access to the highest level of management
in the
organisation, i.e. the body described in section 2.3 above, and to the laboratory
technical
management. An accreditation body will generally regard the quality manager as
the
person who provides day-to-day guardianship of the quality standard and so
represents
their interests within the organisation.
The post of quality manager may be filled in a number of ways depending upon the
organisation.
Few laboratories can support a full time quality manager, and it is doubtful
whether the
post requires the full time commitment of one person in laboratories with fewer
than 100
staff.
In large organisations which have several quality systems running, for example
ISO
17025 and ISO 9001, it may be relevant to have an overall quality manager
covering all
systems, in which case a full time quality manager may make sense. This can work
well
but only if the quality manager has some laboratory background. Although, in
theory,
managing the quality system does not need technical expertise, in practice it is
very
difficult for a quality manager with no relevant technical insight to operate with
laboratories.
One system which can be effective is to have an overall, possibly full time, quality
manager plus quality representatives at laboratory level. These can be individuals
who are
involved in laboratory management but who are given a specific brief to manage
quality.
They provide local quality expertise and administrative support to the quality
system and
assist the quality manager. Clearly, in this arrangement the quality representatives
may
have a dual reporting line: the normal lines to the laboratory manager on technical
issues
and a line to the quality manager on quality issues.
This type of structure would use one of the senior staff from the tier below that of
laboratory manager to manage the quality system. This, of course, means that the
quality
manager occupies a line management position below that of the laboratory
manager. This
should present no problems provided that it is stated in the documentation that, on
matters of quality, the quality manager has direct access to the level of
management
described in section 2.3 above. This then provides the quality manager with a line
of
action in the unlikely event that the laboratory manager is contravening the quality
policy
and attempts to subvert the quality manager by using line management authority.
This type of structure operates effectively in many organisations and is probably
the
commonest scenario found in medium sized laboratories. There is often some
initial
discomfort with such an arrangement in highly hierarchical organisations, but it is
usually
found to be workable in practice.
Alternatives to the scenarios already discussed include the use of a staff member
who is
not involved in laboratory work but who has the necessary technical background.
Such
Page 9
persons are typically found amongst individuals who have been promoted into
structure, ISO 17025 requires no other post to be defined. You should, however,
look at
your situation and describe how it is structured.
For each level you should have an appropriate name, for example chief chemist,
senior
microbiologist, materials scientist, technical officer, laboratory Assistant or
whatever
titles your organisation is familiar with.
You should define, for each level, the reporting structure both going upwards and
downwards, for example each chemist reports to a senior chemist and technical
officers
report to a materials scientist.
Page 10
include quality control procedures but it is much more orientated towards quality
assurance. By quality assurance we mean procedures and management methods
which
are designed to minimise the chances of anything going wrong in the first place.
The
emphasis is on error prevention rather than on error detection.
In the laboratory, the quality system must not only deliver quality data but must
also
provide for the maintenance of records which enable the quality of any result to be
Page 13
secure basis for monitoring the system; in short, unless the system is clearly
specified
it is difficult to monitor whether it is being used.
It is a means of communication within the laboratory so that all staff know their
responsibilities and the procedures to be followed.
The key piece of quality documentation is the quality manual. This is the document
which describes in detail the policy on quality and the quality management
structure and
describes or refers to the procedures which constitute the working quality system.
The
quality manual is, typically, prepared and checked by laboratory management,
usually
under the overall co-ordination of the quality manager. It should, however, be
formally
authorised for issuing from as high a point in the management hierarchy as
possible;
chief executive, director general, chairman are typical points. This ensures that the
manual has the strongest authority and also shows, to the accreditation body, a
commitment on the part of the senior management to the quality system.
It is critical that the quality manual is seen to be a working document. It should be
available to all staff and they must be instructed to read it and to use it to guide
them in
all aspects of their work. It will then be a vital force for the consistent and
comprehensive operation of the quality system.
The quality manual may be completely comprehensive and self-contained or it may
make
reference to subsidiary documents which describe procedures. Whatever the case,
the
quality manual must be the primary source for all aspects of the operation of the
quality
system and must either contain all necessary information or must explain clearly
where
Page 14
equipment log for each major item of equipment, or composite logs for smaller
items, such as balances, thermometers, glassware. See section 8.
Copies of all reports issued by the laboratory. See section 13.2.
Records of staff qualifications, training and review of training in the form of a
staff
register. See section 5.
Records of all audits and reviews of the quality system, including records of
corrective and preventive action taken. See section 4.
Records of all customer complaints and response to non-conforming work, and
details of follow-up and any corrective action taken. See section 4.10.
Records of suppliers and sub-contractors. See sections 14 and 15.
The key objective in keeping records should be to ensure that the source of any
error can
be traced and that any test or calibration can be repeated in a manner as close to
the
original as possible.
Records must be kept in such a way that they can easily be retrieved if necessary
and they
must be secure, held in confidence and reasonably protected from destruction.
There should be a documented policy on the period of retention of records. ISO
17025
has no actual period specified but the laboratory must commit to a policy.
Accreditation
bodies usually have their own regulations and these vary from body to body.
However, a typical requirement is connected with the practice of most
accreditation
bodies of carrying out a full re-assessment of a laboratory every four years. The
normal
requirement then becomes that all records for the past four-year period must be
available. After the re-assessment, most records for the four previous years can be
disposed of. The only rider to this is that any records which are relevant to ongoing
issues need to be kept for at least the duration of that issue.
What this means in practice is that records relating to individual items of
equipment, for
example, need to be kept for however long the equipment is in use plus whatever
period
is necessary to reach the next re-assessment. Similarly, staff records are kept so
long as
staff are employed plus the time to the next re-assessment. In reality, most
laboratories
retain records far longer than will be required by most accreditation bodies.
The document control system must be described in the quality manual. This system
must
cover all documents used in the operation of the quality system. These include
obvious
items, such as the quality manual, associated procedural documentation, technical
methods documentation and work instructions. Less obvious items which must be
included in the document control system are masters of pro-formas used for record
from being printed without authorisation and recording, since this will generate
unrecorded copies of the document, which will be missed by the updating process.
On a related point, the quality manual must include an instruction that controlled
documents, other than masters of pro-formas (see section 3.4.4), must not be
photocopied by staff. The enforcement of this is essential to maintain the integrity
of the
system since the document control system must know of every copy of a document
in
circulation in order to ensure that all are reviewed and updated when necessary.
Proliferation of unofficial photocopies will undermine the control system
completely.
Some organisations seek to protect themselves from photocopying of controlled
documents by using paper of a distinctive colour or by using paper with coloured
logos
or footer bands. A rule can then be made that any copies of controlled documents
which
lack the distinctive colour are not to be used by staff and must be destroyed if
discovered. It is also possible to obtain paper which prevents photocopying but this
is
expensive. These expedients do provide protection but they are not without cost
and
should not be necessary in a well disciplined and audited organisation
Allowance should be made in the quality manual for the issuing of uncontrolled
copies of
controlled documents but only outside the organisation. This covers the need,
which
sometimes arises, to provide customers with copies of, for example, quality
manuals.
There is normally no necessity to provide regular updates to such issues and
therefore no
need to commit to this in the quality manual. Documents issued in this way should
be
clearly marked as uncontrolled, for example by a suitable stamp, and the quality
manual
should include instructions that such uncontrolled copies are not to be released
within
the laboratory and that, if they are encountered by staff, they are not to be used as
work
instructions.
number of pages should be shown on the cover sheet. It is a good idea, when
paginating
a large controlled document such as a quality manual, to paginate it in separate
sections
rather than continuously throughout. This avoids the necessity to replace the
entire
document if a page has to be added. Under these circumstances, each page should
show
Page 18
the section number, the page number and the total number of pages in the section,
and
there should be a page of contents listing the sections.
The operation of the controlled document system is normally one of the
responsibilities
of the quality manager, although the actual day-to-day administration of document
control and record keeping may be delegated to administrative staff, for example
in a
library or document control centre.
In the case of each controlled document, there must be a record which shows
either the
name of the holder or the storage location of each numbered copy. When an
amendment
is authorised by the appropriate person, the quality manager can then ensure that
every
copy of the document is amended.
The simplest way to achieve this is to collect all of the copies of the document and
to
amend and reissue them. In larger organisations this may not be practicable, and
an
alternative arrangement is to issue the amended pages with instructions for the
action to
be taken by the document holders. The pages should be accompanied by an
amendment
sheet which describes exactly which pages are to be discarded and which are to be
inserted. This sheet should be placed in the copy of the document so that there is a
full
record of amendments.
ISO 17025 contains a specific requirement that there be a master list or equivalent
procedure so that staff can check that they have the current version of a document.
This
provides an additional safeguard but, provided the document control system is
working,
there should be no obsolete versions around.
ISO 17025 requires that, where practicable, new or altered text be identified in
amended
or revised documents or in attachments to the documents. The idea is that
attention
should be drawn to the specifics of any changes so that staff can identify the key
points
and determine easily whether changes in procedures are required or whether the
changes
are simply corrections of textual significance only, for example removal of
typographical
errors. In the case of in-house documents, this is easily achieved with modern word
processing software which usually permits the use of distinctive typefaces, and
indeed
colours, to highlight amendments. In the case of published material not generated
inhouse,
it will normally be necessary to provide an attachment to the document when
issuing it, pointing out the areas where changes have occurred. It is emphasised
that the
main point should be to make it clear to staff when the amendment will require
them to
change the way they carry out a procedure and when it is simply a textual change.
Amendment to controlled documents can be done by hand provided that the
amendment is authorised by the person responsible for the document. Normally,
this will
require their initials and a date on the amendment. Hand amendment is really only
practicable in small organisations where only one or two copies have to be
amended. ISO
17025 contains a requirement that hand amended documents shall be formally
reissued
as soon as practicable. In practice, it is preferable to avoid hand amendment since
it
tends to lead to a sloppy approach to document control and almost always results
in
variations creeping in between different copies of a document.
The quality manager should hold copies of all versions of each controlled document
so
that, if necessary, the content at any point in its history can be determined. These
copies
can be in the form of computer files, provided they are properly protected by
backing up.
typical. All copies of a controlled document should show a review date so that
users can
immediately see whether the document is overdue for review. The review
requirement is
met if the person responsible for the document makes a record that the review has
been
done and either authorises amendment to the document or records that the version
as
issued is confirmed as still relevant and requires no revision.
Some published documents, for example ISO or national standards describing
technical
methods, are subject to revision by the issuing body. The laboratory will need to
assure
the assessors that there is a mechanism for ensuring that such revisions are noted
and the
laboratory's copies of the documents have been replaced with the updated
versions. The
simplest way is to have a list of all the documents in this category and to check
with a
subscribing library or with the issuing body on a six monthly basis and, of course,
to
record the checks.
This system for ensuring documents are updated should encompass documents
issued by
the accreditation body.
It may sometimes be necessary to retain copies of older versions of documents, for
example standards describing methods, for instance if clients wish the previous
version
to be used. The requirement to update the documents does not preclude this but
care
must be taken to ensure that the appropriate method is used for each client.
Documents
which are obsolete for general use but which are retained for specific purposes
must be
suitably marked. The marking should either specify the scope of use of the
document or
simply warn that it is not for general use and refer the reader to an authority, for
example
the quality manager, who can provide information on when it is to be used.
For the first time in laboratory quality management standards, ISO 17025
introduced the
requirement to control pro-formas used for record keeping. To be strictly correct,
what is
being controlled is the format of the pro-forma.
The best way to meet this requirement is to have a master set of pro-formas and to
insist
that any copies made for use are always made from the masters and not from
copies of
the masters. The masters may be hard copies or, more usually these days, a set of
computer files. There may be more than one set of masters but, as with all
controlled
documents, each set must be numbered and records kept of holders or location.
This system then ensures that, if a pro-forma is amended, the amendment comes
into use
immediately. Staff have to be weaned away from the common habit of keeping a
stock of
forms in a drawer or, which is worse, keeping a set of their own masters, from
which
they make copies as needed.
The masters, and hence any copies of pro-formas, must show a version
number/date of
issue, the identity of the person authorising the issue, and a date when review of
the proforma
is due.
Page 20+++++++++++++++++++++++++++
++++++++++++++++++
Do you have a mechanism for checking that your arrangements for quality
management are
being operated on a day-to-day basis by all staff?
Where this is found not to be the case, do you have a mechanism for taking
corrective action to
ensure that the situation is remedied and not likely to recur?
Do you use the information from any quality problem to enable you to identify
where the
quality system can be improved and do you act on this?
Do you have mechanisms to monitor trends in quality performance so that
failures can be
anticipated and dealt with before they become critical?
Do you have mechanisms in place to scrutinise the quality system for areas
where improvements
might be possible?
Do you review the performance of your quality system to determine whether it is
delivering the
objectives which you have identified for it?
The organisation of audits and reviews is the responsibility of the quality manager,
although he or she will normally involve other staff in actually carrying out audits.
The
quality manager is also responsible for checking that any corrective action agreed
is
adequate, is carried out and is effective.
The frequency of audit and review of the systems is not mandated in ISO 17025,
but a
note in the standard expects that that each aspect of the system will be audited at
least
annually and that reviews will, likewise, be conducted at least annually.
and then carries out audits to ensure that it is working properly. In the absence of
audits,
problems will only be detected when they lead to quality failures. This is a quality
control
approach aimed at error detection; an ISO 17025 compliant quality management
system
is focused on error prevention through quality assurance, and it is only through the
audit
that the laboratory can be sure that the system is working.
Nothing will make assessors more uneasy than the impression that a laboratory
does not
take its audits seriously. A pattern of audits being carried out late relative to the
audit
plan will send the wrong message to assessors, and statements such as, We had to
put
off Octobers audits until September because we had so much work in. are likely
to be
interpreted by assessors as demonstrating a low priority approach to the quality
system.
elements of the quality system and not postponed until it is all in place. This
provides a
valuable check on the elements of the quality system as they are established. A
settling in
period of two to three months should be allowed for each part of the system and
then
that part audited.
An efficient and responsive audit system is a powerful tool in establishing the
quality
system. Inevitably people will tend to forget to do things required by the quality
system
from time to time but, if they learn that any omissions will be picked up quickly
and
corrections asked for, they will rapidly acquire good habits and make fewer
mistakes.
The responsibility for audits lies with the quality manager, who may carry out
audits
directly but will normally delegate at least some of them to suitable individuals.
Auditors should be familiar with the principles of auditing and must be
independent in
the sense that no one may audit an area of activity in which they are directly
involved or
for which they have immediate supervisory responsibility. ISO 10011, parts 1 to 3,
provides useful guidance on auditor's responsibilities and the organisation of audit
programmes.
ISO 17025 does imply that, when resources are not adequate, the independence
requirement of auditors can be relaxed, but experience suggests that accreditation
bodies
will take some persuading on this issue.
In most laboratories it is usually possible to do all auditing with internal staff, but
there is
no reason why outside persons cannot be used. People from other parts of the
organisation to which the laboratory belongs are often suitable.
A typical situation in a small laboratory is that the quality manager carries out
most audits
but some other senior staff member is brought in to audit those areas where the
quality
manager has personal involvement.
An auditor need not have a detailed knowledge of the technical aspects of the work
of
the laboratory but some background is essential.
The quality manager is responsible for ensuring that auditors are properly trained
and
should maintain training records for them. These records can form part of the
overall
training recordssee section 5.3. Training can be given in-house or by outside
agencies,
such as consultants, can be used. A commonly applied strategy is for the quality
manager
to undergo formal training in auditing and then for he or she to train the internal
auditors.
It is sometimes appropriate, especially with very small laboratories, to use external
auditors to achieve independence. These will normally need to be approved by the
accreditation body, but there is usually little problem with this since the
accreditation
body is happy to see steps towards effective and independent auditing.
Page 23
operation of the system as it is about finding problem areas. This means that
auditors
must carefully record details of the systems, records and items examined,
especially if the
report finds no evidence of non-conformance.
The auditor must make a written report on every audit. Other documents should be
appended as necessary. It is customary and helpful for a copy of the auditors
checklist
and notes to be attached to the report.
Some audit report formats make provision for auditors to obtain a confirmatory
signature from laboratory staff for their observations. The idea is to confirm factual
observations so that these do not become a matter for later debate. The point
needs to
be made to the staff confirming the observations that they are only agreeing to the
facts
and not accepting that a non-conformance has occurred. It is only at the second
stage of
the process of audit that the auditor will decide whether an observation is to be
reported
as a non-conformance. The practice of having observations confirmed is not an
essential
component of auditing and whether it is adopted is a matter for the individual
organisation and will be very much determined by the prevailing culture. It does,
however, reduce the possibility of contentious disputes since at least the facts of
what
was observed will not be at issue.
The audit report must detail exactly what was examined during the audit and the
findings
of each examination. Positive reports are required as well as negatives since, to
stress the
Page 24
point again, the audit is as much concerned with establishing that the system is
working
properly as it is with finding problems.
The auditor must be in a position to provide objective evidence for any conclusion
reported. A general impression that all is not well in an area is not an adequate
basis for a
report. When auditing, be objective at all times and be in a position to prove your
point
without the need to debate the question.
Some systems incorporate the concept of levels of non-conformance, for example
major,
minor etc. This is not recommended since every non-conformance requires
addressing
with corrective action. A debate on whether it is major or minor is not relevant and
merely time consuming.
The format of an auditors report on a non-conformance must be objective and
clear. In
reports will be to check that corrective action has been taken and followed through
and
not to use them as a means of detecting the laboratorys weaknesses.
It is good practice for the quality manager to summarise the results of audits. His
summary should collate the numbers and types of non-conformances, classified by
the
Page 25
area of the quality system to which they pertain. The summary should be presented
at the
management review meeting.
The value of the summary is that it will highlight the areas of the quality system
which
fail most frequently and so help to focus the review. The summary can be
particularly
useful in multi-department laboratories where it brings all the audit findings
together and
can help to identify quality problems that are common to several departments.
Such
problems are often most effectively addressed at the higher management level
rather than
by individual departments.
In addition to the planned audit programme there may be a need for audits in
response
to any occurrences which indicate non-conformances with the quality system or
with
ISO 17025. These would include internally reported quality problems, including
detection of non-conforming work, client complaints and actual quality failures
which
come to light in any way whatsoever.
The audit should be organised to address all the relevant parts of the quality
system. The
follow-up is exactly the same as for planned audits, with appropriate corrective
action
being taken and its completion and effectiveness verified.
This should consist of, as a minimum, the quality manager and the laboratory
manager
with someone present who represents the most senior level of management of the
laboratory where decisions on allocation of resources are made. This could be a
representative from the board of the company or the equivalent policy making
body. The
presence of such a representative is key since the there may be resource
implications in
the findings of the committee. Any other persons who might make a contribution
should
be present. These would typically include senior professional staff and, perhaps,
chief
technicians. In a small laboratory with only two or three staff, it is usually most
effective
to involve everyone in the review.
The quality manager is responsible for arranging the meeting and for compiling
and
distributing the agenda. He or she should also ensure that all relevant documents
are
available. These should include but not be limited to:
All audit reports and summaries, including reports by external assessors and any
by
customers;
Feedback from customers;
The proposed audit and review programme for the following year;
Details of in-house quality control checks;
Reports on quality failures and follow-up action;
Reports on customer complaints and follow-up action;
Preventive action records;
Results from participation in proficiency tests and other interlaboratory trials.
The meeting must be minuted and a list of action points prepared. The quality
manager is
responsible for ensuring that all of the actions agreed at the review meeting are
carried
Page 26
out, but the meeting should agree on who will carry out each action and the
timescale.
This should include the updating of any documentation.
The purpose of the review meeting is to look at the performance of the quality
system
over the past year and to decide on any modifications needed to secure
improvements.
The meeting should also consider any modifications needed to meet any changes to
the
quality management standard to which the laboratory adheres and any changes
needed to
address new policy objectives set by the organisation.
The meeting should cover, at least, the following topics:
Quality matters arising from the last review meeting and a report from the
manager
confirming that all actions have been taken;
Report on any surveillance or assessments by the accreditation body;
Discussion of the results of all audits, both internal and external;
Review of the quality manual and decisions on any changes required;
Performance in proficiency tests and any similar interlaboratory exercises; plans
for
future participation in such exercises;
In-house quality control checks;
Complaints from customers and follow-up action;
Results from customer surveys and plans for future surveys;
Because of the variety of sources giving occasion for corrective action, it is useful
to
separate the record system for reporting quality problems from the system for
planning
and recording corrective action. This allows the same corrective action
management and
recording system to serve for all sources of information on quality problems. The
audit,
for example, is reported on a form dedicated to that purpose, and this is cross
referenced
to the corrective action requests.
Page 27
The corrective action record system should provide for the recording of the reason
for
the action and for a detailed description of the proposed corrective action, with an
explanation of how it addresses the root cause of the problem. The responsibility
for the
action should be assigned and a timescale agreed. There should also be a record of
the
arrangements proposed to verify the effectiveness of the corrective action. This
will
normally mean some type of audit, possibly of restricted scope, covering only the
immediate area of the quality system involved in the action.
The quality manager should be required to confirm when the action is complete
and
should also be responsible for ensuring that the verification of effectiveness is
carried out
and recorded.
this way.
There should be regular formal scrutiny of trends in data, especially quality
control
data, by the laboratory management. This should include interlaboratory
proficiency
testing results. The objective should be to identify trends which indicate potential
failures, for example bias developing on a Shewhart chart. This kind of scrutiny
can
be achieved by a regular meeting of senior laboratory personnel, for example the
laboratory manager and senior scientists. The frequency of the meeting will
depend
on the volume of work, but monthly meetings are commonly held.
There should be a preventive action record form. This should carry the suggestion
for
preventive action followed by an evaluation by management and an explanation if
the
action is thought inappropriate. It should be noted, however, that the 2005 version
of
ISO 17025 has a specific requirement for the laboratory to continually improve its
quality system, so arguments against the implementation of preventive action in
response
to identified weaknesses are likely to be difficult to sustain in future.
If action is to be taken, the proposed action should be detailed, responsibility
allocated,
and a date for completion set.
The quality manager should receive a copy of the form and should be responsible
for
following up to ensure that the proposed action is completed and to record this.
This is always a somewhat delicate subject, but the reality is that no laboratory
goes very
long without some queries or complaints from its clients. In order to comply with
ISO
17025, the laboratory is required to record all client complaints, to investigate
them
systematically and to record the result of the investigations and any corrective
action
taken.
This is not intended to create a body of evidence to be used against the laboratory
but is
rather a recognition of the fact that such complaints provide a valuable source of
feedback on the operation of the quality system. After all, the main object of the
quality
system is to ensure that clients are properly served.
4.10.3 Administration
The laboratory quality documentation should state clearly which staff members are
allowed to respond to complaints. This will normally be the laboratory manager
and,
perhaps, other senior staff members.
The person responding must record the complaint and the details of any response,
plus a
record of any corrective action already taken or intended. The record must then be
passed to the quality manager, who should evaluate the action already taken.
The quality manager should decide whether the action taken is adequate or
whether
further investigation and corrective action is needed. In particular the quality
manager
must decide whether an audit is required. Overall, it is the responsibility of the
quality
manager to ensure that the complaint has been properly dealt with, that corrective
action
has addressed the root cause and that any lessons learnt have been incorporated
into the
quality system. He or she is also responsible for ensuring that the record of any
corrective action is madesee section 4.8. The quality manager should also followup to
establish that the action has been effective.
Pro-active soliciting of client feedback is now required by ISO 17025 since the
2005
edition. Both positive and negative feedback are required. At the time of writing it
is not
clear what mechanisms assessors will expect to see for acquiring such feedback,
but the
kind of thing generally expected is annual client surveys or feedback forms sent
out with
test results. In practice, such surveys will cover aspects of the laboratorys client
services
that lie outside the technical area, since experience suggests that it is more than
likely that
client feedback will address issues other than data quality, for example turnaround
times
and sample collection.
There needs to be guidance in the quality manual on how such problems are
handled.
The system needs to address the following issues.
When non-conforming work is detected, then work must stop and management
be
informed.
There must be an investigation and report on the quality incident.
5. Personnel [5.2]
5.1 Key questions
Do you have a record of the qualifications and experience of your staff, with
objective evidence of
their qualifications, for example copies of certificates?
Do you have a clear record with regard to your proposed scope of accreditation of
which members
of staff are authorised to conduct each test or calibration?
Do you have a documented procedure for training staff in quality issues and
technical
procedures, including tests?
Do you have a documented procedure for conducting evaluation of the
competence of staff after
training and before authorising them for the procedure in which they were trained?
Do you have a system for recording training, including objective evidence of
competence?
Do you have a mechanism for identifying which staff conducted each procedure,
test or
calibration?
receiving samples. Sections 5.2.1 to 5.2.3 and section 5.3 below deal in detail with
the
content and format of the training record.
A record of regular re-assessment of the staff members competence at each of
the
listed activities. This is dealt with in detail in section 5.4.
The training record should also provide for the recording of any outside courses
attended by the staff member and for personal certifications or memberships of
relevant
professional bodies. Since the last two are often renewable by annual subscription,
there
should also be provision for recording checks on this renewal by the laboratory
management.
One purpose of the training records is to provide a source of reference by
supervisors
who wish to ensure that the person whom they intend to allocate to a task is
properly
trained and that their training is up to date. They also form an essential part of the
audit
trail since, as we shall see later, all raw data must be traceable to the person who
generated it. The training records complete the loop by enabling a check to be
made that
the person doing the work was adequately trained and checked as competent.
All entries in training records should be made and initialled by the laboratory
manager or
quality manager and, in the case of authorisations to carry out tests or
calibrations,
Page 32
The laboratory management will need to initiate a staff record and institute a
training
programme for each new employee. Obviously, the content will depend on the
employees previous experience and known level of competence. However,
irrespective
of whether the new recruit is of the highest general competence, it will be
necessary for
him or her to be trained in the laboratorys methods and procedures.
This is not to question an experienced new employee's basic competence, but is
principally designed to ensure that the employee is familiar with the quality
system, the
way tests and calibrations are done and how results are recorded in this particular
laboratory. The object is to achieve a maximum of consistency between
measurements
made by different staff members. The new employee must have his or her
competence
assessed exactly as for a trainee and must be observed carrying out the procedures
for
which he or she is to be registered to ensure that the documented procedure is
being
followedsee section 5.3 below.
In the case of a highly experienced new recruit, this assessment of competence
may not
need to be preceded by extensive training, but there must be a f ormal
familiarisation with
the laboratorys procedures and an opportunity to read the documentation.
Most laboratories starting up staff records will have existing employees with
known areas
of competence. There is no need to create a retrospective record of training for
such
persons. The management should prepare an initial list of authorisations for
existing staff
and should note that they were regarded as competent at the start of the record.
There is
no need for assessment of competence for existing employees; they will be covered
during the first re-assessment of competencesee section 5.7.
The staff records will become a complete record of the training, promotion,
assessment
and re-assessment of competence for each employee.
Each record needs to show the dates over which the training was given, the
identity of
the trainer, the identity of the person assessing competence and the date when
authorisation to carry out the procedure unsupervised was given. The entries must
be
confirmed by the laboratory manager or quality manager and must be signed by
the
employee.
The areas of competence listed in the record may be defined in any way suitable to
the
laboratorys operations, but for test/calibration methods there should be a direct
correspondence between the accreditation scope and the training records. From
the
Page 33
Remember that, especially for new employees, the training must include
familiarisation
with the quality system and with basic laboratory arrangements, such as sample
numbering, storage of samples and the mechanisms for recording data and
reporting
within the organisation.
Where it is possible, objective evidence demonstrating the employees competence
should be attached. This might be a set of data obtained by the employee on
standards or
reference samples, or perhaps data which has been cross checked by repetition of
the test
by a staff member already trained for the procedure. The person assessing
competence
should sign such data as acceptable and reference should be made to the source of
authentication, for example a calibration certificate for a reference material or the
data
from repeat determinations.
much to recommend it, but only if the quality manager has the appropriate
technical
expertise.
In addition to authorisations to carry out tests/calibrations, it may be necessary to
have
training and competence tests on particular instruments or routine operations.
This will
depend to some extent on the experience of the staff concerned and should be at
the
discretion of the management. For example, in the case of junior staff with little or
no
experience, it is entirely possible that they will require training in the use of basic
equipment such as volumetric glassware, balances and thermometers.
The onus is on the laboratory to show that its staff are properly trained, and the
management should approach all questions of authorisation and competence
testing with
this in mind.
Once the management is satisfied that the trainee is competent, an appropriate
entry
must be made in the staff records; this should be signed by the laboratory manager
or
quality manager and, in the case of tests and calibrations, the employee. The entry
must
be supported by a brief report stating that the employee was observed carrying out
the
test and giving a list of the operations performed, for example weighing samples,
colorimetric measurement, titration, etc. Copies of worksheets or notebook entries
completed by the trainee and copies of any instrumental output should be
attached.
These should be dated and signed by the person conducting the competence
assessment.
described in section 5.3 above. That is, the employee should be observed carrying
out the
test to check that the documented procedure is being followed, and results should
be
Page 35
to meet the need. The training requirements review is not intended to replace such
normal management response but rather to introduce a pro-active aspect into
dealing
with training requirements.
Such entries may be of any format but should be signed and dated by the
laboratory
manager or quality manager and inserted in chronological order.
In some areas, for example non-destructive testing, staff need to hold personal
certifications which may be subject to re-assessment or renewal by subscription.
Where
this is the case, the training record must include details which show that the
certification
is current, and the laboratory must have a mechanism to check that the renewals
or reassessments
are carried out as required and are recorded.
Page 37
Have you considered whether there are any environmental factors in your
laboratory which
might impact on the validity of tests or calibrations?
Are you conducting any tests or calibrations where the published procedure which
you claim to
follow includes a requirement for the work to be done under specific environmental
conditions,
for example temperature or humidity?
If there are such factors, do you have procedures in place to control and monitor
them?
Do you have any activities which need to be separated to avoid, for example,
cross
contamination?
Do you have procedures in place which will create an objective, auditable record
that
environmental conditions which might affect tests or calibrations are controlled and
monitored?
Do you have clear instructions to staff on actions to be taken when conditions
move out of
specification?
In the case of chemical analysis, the cross contamination between samples and
possible
environmental contamination of samples are likely to be the overriding
considerations.
Another concern is that chemical testing requires standards often comprised of
pure
samples or concentrated solutions of materials which are being tested for at trace
levels.
It is common to monitor the temperature of chemistry laboratories, although this is
rarely necessary. It can be argued that volumetric measurements, in particular, are
Where samples containing high levels and low levels of the same targets are
being
handled, for example pesticide formulations and samples for residues analysis,
carry
out the sample preparation work and, where possible, the instrumental analysis in
well separated rooms with their own glassware.
Where possible, provide segregated washing up facilities for glassware with
segregated uses. If this is not possible, then ensure a management regime such
that
glassware is not interchanged, for example use clearly labelled baskets to deliver it
to
and collect it from the washroom.
Enforce good housekeeping and tidiness by general management pressure; have
a
designated time each week for cleaning and tidying the laboratory.
Have a system for reporting and recording all spillages. Where foreseeable, have
a
documented procedure for dealing with specific types of spillage.
6.2.2 Microbiology
In the case of activities such as microbiology, the assessors will look very closely to
see
that the laboratory is designed so that it is easily kept clean and any spillages can
be
contained and thoroughly cleaned up. Impervious bench tops with good seals
against
walls and floor and around fittings such as sinks will be expected. Floors need to
be
continuous sealed surfaces. In practice, microbiology laboratories will need to be
airconditioned
with split type units and all windows sealed to prevent opening. Entry to the
laboratory should always be double doored with a vestibule and changing/washing
area.
An issue often raised in microbiology is that of whether reference cultures of
organisms
should be held for control purposes, bearing in mind the danger of contamination
of the
laboratory by organisms which are the subject of tests on samples.
There is no doubt that positive controls are essential, so laboratories have to work
with
them. The following precautions are needed, however: Segregate storage of reference cultures in their own dedicated refrigerators and
freezers.
Have a segregated area for handling the references, ideally with a laminar flow
cabinet.
Use dedicated laboratory coats and overshoes/shoes for work in the segregated
area.
The following will be expected in an accredited microbiology laboratory: Clear segregation of samples, references and media storage.
Dedicated laboratory coats and footwear with a changing area where staff can
wash.
A planned cleaning regime for the laboratory, covering benches, floors, windows,
light fittings, ventilation grills, air conditioners, water baths and autoclaves. The
frequency and actual scope of these activities is a matter of debate between
different
experts, but accreditation bodies will normally have technical guidance documents
specifying their particular expectations.
Regular monitoring of the environment with surface swabs and air plates. A
weekly
regime is typical.
Documented procedures for dealing with spillages and records of spillages and
action taken.
Monitoring of temperature and humidity: limits need not be stringent but
humidity
above 50% and temperatures above 25C can lead to problems of mould growth.
Page 39
If these conditions are not met, then the test procedure is not being followed and
cannot
be accredited.
Laboratories working in these fields will need to have specialised equipment to
control
temperature and possibly humidity. Moreover, the conditions will need to be
independently monitored and recorded to provide a record that any given test was,
in
fact, performed under the correct conditions. The best way to do this is to have a
continuous recorder, such as a thermohydrograph, so that a chart or computer
record is
generated which can be archived. Such equipment must, of course, be calibrated.
It is not unusual to find laboratories with temperature and humidity control where
the
control equipment is only operated during working hours. Often such laboratories
have a
separate atmospheric control cabinet, which is run continuously and where
samples are
pre-conditioned.
This mode of operation is possible in an accredited laboratory but is not entirely
satisfactory. Moreover, careful records are required as follows: The atmospheric parameters must be recorded continuously so that the time
when
they were in specification is clearly established.
The start and end time of each test must be recorded so that it is possible to
audit
this against the atmospheric condition record.
Where there are areas needing to be protected from unauthorised access, for
example areas where there are hazards for untrained persons or contamination
risks,
such areas have active controls and that digital locks with restricted access to
codes
are widely used.
Where contamination is a possible issue, for example in microbiology
laboratories,
any visitors to the laboratory are bound by the same rules about wearing
laboratory
overalls and footwear as are workers in the laboratory.
Any clients or other outside visitors are accompanied at all times when in the
laboratory. Some relaxation of this is normally operated with service engineers
who
may be working in the laboratory for long periods and where continuous
supervision
is impracticable. The best practice is to ensure that the engineer is advised of the
areas of the laboratory where he or she is permitted access. The engineer should
also
have a clearly assigned person on the laboratory staff to liaise with and who can be
approached if the engineer needs access to other areas.
It is common to have a signing in system for visitors to laboratories. Often local
safety regulations require this. This practice is encouraged since it formalises
access
although, of itself, it provides no particular barrier.
Overall, security of the laboratory is necessary not only to protect confidentiality
but also
to ensure the integrity of samples and data. There should be a clear barrier
between
public areas of the organisation and the laboratory and, ideally, a physical barrier
such as
a door with a digital lock with, possibly, a doorbell for non-laboratory staff wishing
to
enter.
Out of working hours, laboratories should be locked or covered by active security.
Samples, in particular, should be separately secured, ideally in locked storage, and
data
Page 41
laboratory nor one where working conditions are poor. The rules of most
accreditation
bodies, moreover, allow assessors to refuse to enter areas which they consider
dangerous
Page 42
validation but will have to have data to show that it can achieve the level of
performance which the standard specification claims for the method or, failing
that,
a level of performance appropriate for the purpose for which the measurement is
being made.
Documented in-house methods which are the laboratorys own methods; these
must
be subject to a high level of validation. The accreditation body will need to see the
validation data, and assessors will have to be presented with data to satisfy them
that
the method is technically sound, suitable for the purpose claimed and acceptable
to
clients.
Documented in-house methods based on standard specifications; this category
makes up a major part of many laboratories scopes since it avoids the commitment
of being pinned to the fine print of the standard specification whilst maintaining
the
credibility provided by the standard specification. Placing an in-house method in
this
Page 43
category will generally reduce the amount of validation which a laboratory has to
do.
The degree to which this is true, however, will depend on the extent of the
departure
from the standard specification. Care needs to be taken, when reporting data from
such methods, to recognise the variation from the standard specification. It is also
necessary to ensure that clients are aware of the variation and accept the resulting
data as still being suitable for their purposes.
An issue which often arises is where a standard specification has been revised but
the
laboratory, or its clients, wishes to continue to use the old version. The general rule
is
that clients of the laboratory who request a test to a particular standard
specification are
entitled to assume that the laboratory will use the current version and, if it is using
an
older version, then they must be informed and advised of the differences. Whether
to
proceed then becomes the clients decision. On the other hand, if the client
specifies an
older version, then the laboratory must respect the clients wishes, subject to the
requirement to draw the clients attention to any limitations introduced by this
choice.
Any report must, of course, specify exactly which method was used and note any
deviations from the standard procedure.
The accreditation body will often be reluctant to allow an older version of a
standard
method to be quoted on a scope but there is nothing in the current version of ISO
17025
which precludes this absolutely.
2. The laboratory determines whether the request is clear in that it either identifies
specifically the test or calibration procedure required or makes clear the clients
objective in requesting the work.
3. The laboratory identifies whether the requested work is routine, in the sense
that it
has a validated, documented and appropriate procedure. If the work is identified as
routine, then all that is necessary is for the laboratory to ensure that it can meet
the
clients requirements on turnaround. There might, though, be an issue here if the
work requested involves an abnormally large number of samples, for example.
4. If the work is not identified as routine, then it will be necessary for the
laboratory to
determine whether it can accept it. This will require an assessment of whether the
necessary equipment and expertise is available. A method will also have to be
identified and arrangements made to validate it.
In the case of work not obviously routine or where instructions are not clear,
however,
and always on the initial interaction with a new client, a full review will need to be
conducted and recorded. This complete process of contract review will normally
involve
interaction with the client, culminating in the laboratory communicating its
intentions to
the client and seeking their approval. All of this must be recorded, including notes
of
telephone conversations, and correspondence attached. The laboratory should
have a
simple standard pro-forma for recording the steps in the contract review.
The pro-forma should identify who conducted the review, the client details and
contact
information, and details of the work requested, either explicitly or by reference to
an
attachment such as a purchase order. A part of the pro-forma should require and
record
an assessment of whether the work is routine, in the sense that it can use one of
the
laboratorys standard methods. If work is identified as routine, then the record can
stop
there, but the pro-forma should provide for further review and records. These
should
include identification of the capabilities needed to carry out the work: expertise,
equipment, method selection and validation, in particular.
Finally, there should be provision for recording the clients approval of the
laboratorys
proposed approach to the work. There is no absolute requirement to seek such
approval
in writing, but the pro-forma should identify who gave approval on behalf of the
client
and the means, for example in writing, by telephone, etc.
The quality manual should document the procedure for contract review and assign
responsibility. The key aspect should be to specify who may conduct the initial
assessment of whether work is routine or not. It will then normally be necessary to
identify who has the responsibility for determining whether a request for nonroutine
work will be accepted and to assign authority to evaluate and commit the
necessary
resources.
Typically, the laboratorys normal process for receiving requests or samples from
clients
will form the front end of the process, and relatively junior staff can operate this
system
and even contact clients for clarification of unclear requests. However, the decision
on
acceptance of non-routine or high volume work will usually have to be referred to
management.
The standard does not require the full contract review process to be conducted
every
time an individual piece of work is received. It recognises that repeat work from
established clients need only be subject to contract review at the initial setting up
of the
programme or, subsequently, if there are any significant changes. For such repeat
work,
the requirement to record contract review is satisfied by recording the receipt of
the
work, the date and the identity of the person conducting the work.
Page 45
Method validation can be seen as a two stage process, with the stages roughly
equating to
the somewhat outmoded concepts of establishing precision and accuracy. In the
first
instance, the laboratory needs to establish the extent to which it can reproduce
measurements and hence show that it can deliver consistent data within known
limits.
This is only the first phase, however, since a laboratory which can reproduce
measurements well might still have a bias in its data. It could, so to speak, be
consistently
wrong. In order to address this issue, the laboratory will have to look outside and
test
itself against agreed reference points.
In calibration, the equivalent to method validation is the establishment of the best
measurement capability. This is a measure of the smallest measurement
uncertainty
which the laboratory can achieve for the specific calibration under ideal
circumstances.
Clearly the reproducibility of the measurement is a key factor in limiting the best
measurement capability, but there must also be a test to establish whether there is
any
bias which will also impose limitations. The ideal circumstances referred to above
pertain to a situation where the only source of uncertainty is that arising from the
calibration procedure and references, and where there is no contribution from the
item
being calibrated. Clearly this represents a practically unachievable ideal, but it is a
useful
concept in that it sets a lower limit on the uncertainty of the calibration. Any real
calibration must have an uncertainty of greater than the best measurement
capability.
The key to determining how much validation is needed for a method is to be found
in
the fit for purpose requirement. The onus is on the laboratory to show that the
method
as applied by it is suitable for the purpose claimed or demanded by clients.
If the laboratory has devised the method itself, then adequate validation might well
be a
very complex and involved process requiring a demonstration of the scope of
Page 46
Spikes are widely used for method validation and calibration in chemistry and
microbiology. They provide a reasonable alternative to certified references, if the
spiking
material is adequately authenticated, ideally by certification of its purity. On the
face of it,
a spike has the advantage that the laboratory can spike into a matrix which is
absolutely
typical of its normal sample stream. The counter argument is to question whether
a
material spiked into the sample artificially is really present in the same distribution
and
speciation as the actual target. The strength of this argument depends on the
matrix. A
metal ion spiked into a water sample might well be regarded as a valid approach,
but a
pesticide spiked into a food sample may be questioned on the grounds that the
pesticide
in real samples was, perhaps, systemically absorbed by the crop used to make the
food
and so may be bound into the cell structure. However, in complex matrices the
spike
may be the only alternative, however imperfect it may be suspected to be.
A spike is generated by taking a real sample and adding a known amount of the
target in
question. Ideally, the base sample for the spike should have little or none of the
target
Page 48
present before spiking. If this is not possible, the spike level should be large
compared to
the natural level present. Of course, the natural level must be known in this
instance. The
spike must be thoroughly mixed and distributed homogeneously throughout the
matrix.
available.
The spike does not provide true traceability but it can be reasonably assumed that
laboratories which are able to demonstrate good recoveries of spikes have good
accuracy
and hence will tend to agree.
The use of spikes is especially important where laboratories are carrying out tests
in
complex matrices which may affect the results. Examples are water analysis where
matrix
effects are common and microbiology where components of the sample may well
affect
the viability of organisms. The spike, at the very least, demonstrates that the
laboratory
would detect the material or organism being sought if it were present.
Quality control samples are used in exactly the same way as spikes and CRMs.
They are
merely samples for which the laboratory has established values and acceptance
limits.
They are tested along with unknown samples as a performance check. The
laboratory
may establish the values of the analytical quality control samples by repeated
testing, but
The laboratory will need to have a policy on the use of quality control samples and
for
evaluating and responding to quality control results. Guidance on this is given in
section
7.6.
Laboratories using spikes and other forms of analytical quality control samples are
effectively monitoring the consistency of their own performance. They should have
a
very good picture of their internal reproducibility. If they perform well on spikes
and on
any CRMs, they have also every reason to believe that their results are accurate.
Nonetheless, it is in the interest of any laboratory to test this assumption from time
to
time by exchanging samples with other laboratories and comparing results.
Such exercises are a very effective extension to the internal quality control
programme of
laboratories. They also provide an element of traceability when CRMs are not
available
since the more laboratories agree on results and the wider the range of samples on
which
they agree the more certain everyone can be of the accuracy of the collective
results. This
is further reinforced if agreement spans several analytical methods for the same
determinand.
Interlaboratory studies may be informal, in that a group of laboratories will
exchange
samples on an ad hoc basis, or may be formal exercises organised by a third party
who
circulates performance indicators. Irrespective of how it is done, the crucial part of
the
exercise is that the laboratory uses the data. This means reacting positively to any
results
which indicate that it is not performing as well as the other participants and
carrying out
remedial action.
Participation in appropriate interlaboratory proficiency schemes will normally be
required
by accreditation bodies, and some bodies actually operate their own schemes.
Although
interlaboratory comparison is listed in ISO 17025 as only one of several quality
maintenance options, most accreditation bodies will insist on its use wherever
possible. If
there are schemes available in a laboratorys sphere of activity or opportunities for
ad hoc
exchanges with other laboratories operating in the field, the accreditation
applicant will
have to provide good reasons to the accreditation body for not participating in
these
activities. The accreditation body simply sees inter-comparisons as the most
stringent test
of a laboratory and wants to see the laboratory subject itself to such a test.
The recently changed world security situation has resulted in severe difficulties in
shipping samples for proficiency testing across national boundaries, especially by
airfreight. This has, unfortunately, coincided with an increase in the insistence, by
accreditation bodies and particularly by the regional laboratory accreditation
conferences,
on proficiency testing as an activity for accredited laboratories. As a result it is
becoming
almost essential for any national accreditation body to ensure that adequate
proficiency
testing is available within the country before it can seek international recognition
through
MRAs and conference membership.
Accreditation will not normally be conditional upon any particular level of
performance
in interlaboratory comparison, but what will be required is for the laboratory to
have a
documented procedure for evaluating the results from its participation and for
responding to any problems revealed. There must also be records showing that the
results were evaluated and what action was taken to remedy problems.
The accreditation body will not withdraw accreditation on the basis of isolated
instances
of poor interlaboratory proficiency performance. However, if a laboratory is
consistently
Page 50
In the case of many methods, neither certified reference materials nor effective
spikes are
available. There may, however, be what are often referred to as consensus
standards,
recognised by all parties concerned. These would include many industry standards,
such
as those used in, for example petroleum source rock analysis or colour fastness
measurements. Such standards may not be traceable in a strict sense but are used
to
ensure consistency of data within the industry sector and hence form a basis for
agreement when testing against product quality standards.
There is another approach to testing that is also recognised as a means of
providing
confidence in results, a well established one in analytical chemistry:
determinations by
against the reference method from time to time and would be under an obligation
to
demonstrate that any method which they choose to adopt gives data comparable to
that
from the reference method.
Even where targets are clearly defined, it may be necessary to agree on a
reference
method. This will arise when there are several methods which typically return
different
results.
Ideally, the technical problems implied by the inconsistency between methods
should be
resolved, the best method chosen and the rest discarded. Sometimes, however, it is
not
possible to come to a definitive answer on which method is technically superior
and,
especially where enforcement is the issue, one method is more or less arbitrarily
defined
as giving the correct result in order to solve the impasse.
Under these circumstances, interlaboratory calibrations are essential since the
method
defines the reference values and this is meaningless unless all participating
laboratories
are able to produce results which agree when all use the reference method.
therefore, gives an early warning of a problem with the test or calibration system.
What is
really useful is that the problem has been detected before data is compromised.
Increasingly, assessors expect laboratories to make use of their quality control data
in this
fashion. Paragraph 5.9.1 of ISO 17025 makes explicit reference to recording data
in such
a way that trends can be detected, which strongly implies the use of control charts.
The
Page 52
next section gives an introduction to the use of control charts which might be
adopted
by a laboratory which is new to the area of statistical quality control.
0.1
A common rule of thumb is to review the data every sixty points. If 1-6 (inclusive)
points
are found outside the 2 limits, then the indication is that the limits are
satisfactory. If
more points are found outside, then the limits are optimistic and either they should
be
revised or the method investigated in order to bring it back to a level the
performance
required. If no points are found outside 2, then new limits should be set reflecting
the
enhanced performance. Some laboratories take the view in this last case that they
will not
reduce the limits since this will result in increased rejection of data. In these
circumstances, the decision on whether to revise to tighter control limits will be
determined by whether the un-revised limits are acceptable in the sense that they
indicate
that the method is fit for purpose.
There is no simple answer to how frequently quality control items should be run.
The
trite answer is as often as necessary.
A general rule of thumb is that they should be included at a minimum rate of one
quality
control item in twenty but ideally one in ten. Experience of a method in a
particular
laboratory may indicate that more frequent checks are required.
In the case of methods which involve batch treatment of items, at least one quality
control should be present in each batch.
Some items can be tested or calibrated in duplicate as a check on the
reproducibility of
the method. It is far more useful, however, to expend the same effort in testing
another
1.9
Warning Limit +2
1.6
Expected
value
1.0
Dateoftest
Warning Limit -2
0.4
Action Limit -3
X
X
X
X
X
X
X
X
XX
X
X
XX
X
XX
X
X
X
X
X
X
X
X
Page 54
quality control standard since this not only checks consistency but also gives
information
on overall error.
A method which can only be controlled by a high frequency of quality control
checks
should be looked at very carefully and seriously considered for replacement by a
more
stable method.
on the use of particular models of instrument and also with information on local
quality
control regimes and the quality control data to be collected.
Another common situation where supplementary documentation is likely to be
required
is where a standard specification requires choices of procedure, based, for
example, on
sample or calibration item type. The laboratory must ensure that the option chosen
will
be selected consistently irrespective of the person doing the selecting. It may,
therefore,
be necessary to provide guidance on how to make the choice in the supplementary
documentation since standard specifications are frequently less than explicit in this
area.
In-house methods will need complete documentation; section 7.8 contains a
suggested
format. This can also be used as a checklist for determining whether published
documentation is adequate. If it does not cover all of the points noted in section
7.8,
then any omissions will need to be provided for in in-house-generated
documentation.
Where the method is an in-house method based on a standard specification, there
will
need to be documentation specifying the variations from the standard and
crossreferring
to the specification.
All the documentation of methods must be issued as controlled documents. This is
typically done by compiling a methods manual consisting of in-house methods
documentation, any supplementary documentation for standard methods and a list
of
standard methods used by the laboratory. The methods manual should also contain
information on where the standard specifications can be found in the laboratory. It
will
normally also need to refer to the appropriate instrument manuals and
instructions.
The following sections should be included in the documentation except where the
quality
manager decides a section is inappropriate.
Page 55
7.8.1.1 Title
The title should be brief but must include a reference to the property to be
measured or
the calibration objective.
7.8.1.2 Scope
This should clearly identify the range of items to which the test or calibration is
applicable and any limitations on the range of any parameters which are
measured, for
example suitable for measuring lead in wastewaters in the range ... to ....ppm.
7.8.1.3 Principles of the method
A brief description of the principles behind the measurement or calibration must
be
given; for example a coloured complex is formed between the metal ions and
dithiazone. The
concentration is determined by comparison of the absorbance of the solution at
259nm with the
absorbance produced by solutions of known concentration.
7.8.1.4 Sample requirements for test methods
The type of sample to which the test can be applied must be noted here. This
section
also contains instructions for any special sampling techniques, sample handling
and
preservation, sample preparation or pre-treatment required. Alternatively, it can
refer to
other documents in which these procedures are described.
7.8.1.5 Materials
Any materials or consumables used by the method must be specified together with
any
required standards of purity or performance. Any quality checks on reagents must
be
described or the method for carrying out the checks must be referred to. Avoid
referring
to specific suppliers or products in this section, unless the source is critical to
obtaining
the correct quality of material, otherwise you run the risk of having a nonconformance
merely because your usual supplier had no stocks and you used an alternative.
If you think that giving a supplier is useful to staff, then use a form of words such
as:
High performance liquid chromatography column, reversed phase ODS silica, 10cm,
5 mm i.d. A
suitable product is Chromatography Supplies Cat. No. LC/98765/ODS.
7.8.1.6 Equipment and calibration
A brief description of the equipment must be given, with instructions on whether
calibration is required before each use and how this calibration is to be carried
out.
It should be clear from this section what action is required when check criteria are
not
met. This need not be a detailed description of how to remedy particular problems
but
might refer to a manual or merely instruct the user to refer the problem to, for
example
the laboratory manager.
7.8.1.8 Environmental factors
Any environmental variables which should be taken into account or measured and
recorded as part of the test or calibration must be noted. This would be relevant,
for
example, in the case of most calibrations and in materials testing where certain
ambient
temperature ranges may need to be adhered to for the test or, possibly, the
temperature
of the test may need to be recorded in the report.
7.8.1.9 Interferences
Any interferences, for example spectral, chemical, physical, etc., which might
affect the
results should be detailed with any precautions to be taken to minimise such
effects.
7.8.1.10 Procedure
A detailed description of the procedure must be given, including any quality
control
measurements required, for example duplicate or reference measurements. The
level of
detail is difficulty to specify for any particular type of test or calibration but the
assessors
will have to be satisfied that the description defines the procedure adequately to
enable it
to be carried out in a consistent manner by different staff. You can, of course,
assume
that staff have been trained. There is no compulsion to attempt to produce a
description
that could be followed by a raw recruit.
7.8.1.11 Recording data
This section must give precise instructions on the data to be recorded from
test/calibration items and for quality control. The format of any tables for results
must
be specified. Where worksheets are used, an example should be included with
specimen
data filled in.
7.8.1.12 Calculations
Full details of any calculations to be carried out must be included, with
instructions on
how calculations are to be checked, for example by a second person. Where
calculations
are done on a computer, for example by spreadsheet, there should still be a
description
of the calculations required and a clear identification of which sheet is to be used,
for
example file name.
7.8.1.13 Quality assessment
This section must specify precisely the criteria to be used to judge when results
meet the
necessary quality standards. This may include details of the correspondence
required
between duplicates or the values required to be returned for quality control. The
objective, again, is to achieve consistency. There should be enough detail here to
ensure
that any person using the guidelines will come to the same conclusions. This
normally
means defined quantitative criteria or reference to rules for interpreting statistical
quality
control data.
Instructions on the response required to a failure in quality control must be given.
This
may simply be a requirement to re-run the test or calibration. Where this is not
technically possible, it will normally be necessary for the laboratory manager to
make a
decision and, in most instances, to contact the client.
Page 57
quality manual.
The laboratory must document in the quality manual who is authorised to approve
deviations from standard methodology. This should normally be at the level of
professional staff or even the laboratory manager. The objective should be to
ensure that
the decision is not made by a junior staff member who may well not understand the
full
technical or service implications. The person authorising the deviation should be
made
responsible for ensuring that the necessary records are made.
Consideration should also be given to whether a deviation needs to be discussed
with the
client as part of the contract review requirementsee section 7.3. This will
normally only
be necessary where the deviation affects the utility of the data, for example when it
calls
into question whether the test method can still be regarded as complying with a
standard
specification.
Page 59
8. Equipment [5.5]
8.1 Key questions
Do you have a system for commissioning equipment and verifying its
performance and
calibration before it is used for test or calibration work?
Do you have a plan for periodic calibration and verification of the performance of
all equipment
which affects the validity of measurements?
Do you have records showing that this plan is followed and which enable the
status of any
equipment to be verified at any point in its history of use?
Is equipment subject to regular checks or calibrations labelled so that its status
can be seen
immediately by users?
Where the equipment replaces or duplicates existing equipment, the checks should
include a comparison of the results from each unit to establish the variations which
might result.
The basic details of the equipment and a report on the commissioning checks
should be
recorded as part of the equipment log. Supporting evidence such as results and
instrument output should be attached. The laboratory manager should approve the
checks and sign to accept the equipment into service.
Equipment undergoing trials must either be segregated or clearly labelled as not
to be
used so that there is no possibility of its being inadvertently used for routine work
until it
is formally accepted.
ISO 17025 paragraph 5.5.5 gives a list of information which must be on record for
each
piece of equipment. This information should appear as the initial page of the
equipment
log.
For this kind of reason, most equipment will require some formal checks even if it
is
effectively checked with the standards at each use.
equipment so that its state of calibration and performance at any point in time can
be
demonstrated.
calibrated equipment is required. The simplest way to achieve this is to label all
indicator
equipment as such.
Equipment which is effectively calibrated at each use should carry a label to this
effect
with a reference to the calibration instructions, which might be within a method
description. An example would be a pH meter which might be labelled CALIBRATE
AT EACH USE Ref. Method CA/001
Some equipment is difficult to label in the conventional sense. Volumetric flasks
and
thermometers can be a particular problem. There is still a requirement to mark
with the
calibration status but this could be by means of a colour code or other marking.
For
example, all calibrated thermometers could have a piece of distinctively coloured
tape
wound round their stems and the laboratory could have a notice saying
CALIBRATED
THERMOMETERS ARE CODED BLUE-Expiry date 31st May 2007.
Where equipment which is calibrated or verified at regular intervals has
adjustment
screws which should only be adjusted as part of the calibration procedure and are
not
needed in normal use, these should be sealed in some way, for example by signed
labels,
to prevent tampering, or at least prevent any tampering being unrecognised.
than if from a commercial calibration service drawing its calibrations from the
same
national metrology laboratory.
Around the world, some national metrology services have established particular
reputations, but even this does not guarantee acceptance by any specific
accreditation
body unless there is a formal mutual recognition agreement. However, calibrations
from
the national services in the Republic of Singapore, the Republic of Korea, the
Republic
of India, the Kingdom of Thailand, most EU countries, Japan, Australia, New
Zealand,
the Republic of South Africa, and NIST in the United States of America are
generally
well regarded at the time of writing.
The key issues on which the accreditation body will need to be satisfied with in any
calibration are as follows: That the references used are properly calibrated and provide international
traceability.
That the calibration procedures being used are scientifically sound, of known
performance characteristics, for example uncertainty of measurement, and subject
to
proper quality control.
That staff carrying out the procedures are properly trained and competent in the
calibrations performed.
It is strongly recommended that any laboratory intending to use a particular
calibration
service, even a national metrology laboratory, enter into a dialogue with the body
chosen
as a potential accreditor for the laboratory along the following lines: Determine whether the calibration service has ISO 17025 accreditation and who
its
accreditation body is. Ask the proposed accreditation body for your laboratory
whether they have mutual recognition for calibration with the accreditation body
of
the calibration service.
If the calibration service is not accredited, then ask the proposed accreditation
body
for your laboratory whether they have any policy on the acceptance of calibrations
from the proposed calibration service.
Page 65
If the issue is still unresolved, ask the proposed accreditation body for your
laboratory what information they would require to make a decision on the
acceptability, or otherwise, of calibrations from your proposed calibration service.
What they will normally ask for initially is examples of calibration certificates;
information on how the calibration service establishes its traceability; what
arrangements the calibration service has for measurement audit or intercomparisons
with other calibration bodies; and whether it has a pro-active and auditable quality
system.
There are many areas of testing, in particular where measurements are not strictly
traceable to an SI unit. Many types of product testing fall into this category and
rely not
on a fundamental unit but on a recognised industry standard. For example, colour
fastness in textiles is measured relative to a specific standard blue cloth. There is
no SI
unit of colour fastness. Similarly, measurements such as abrasion and pilling
resistance
rely on comparison with standard samples or photographs of samples. The basis of
the
comparison is universally accepted but it is not a fundamental unit as such.
ISO 17025 allows for this in testing and in calibration through paragraphs
5.6.2.2.2 and
5.6.2.1.2 respectively. Here the idea of traceability to a certified reference
material, a
reference method or a consensus standard is accepted where relevant.
A difficulty which sometimes arises in this area is that some accreditation bodies
persistently refuse to apply these clauses of the standard and insist that they will
only
offer accreditation for calibrations and measurements which are traceable to SI
units.
Strictly speaking, this is a practice discouraged by ISO 17025, which frowns upon
extensions to the standard, but nonetheless it can present a problem for
laboratories
seeking accreditation. If you have tests which fall into this category, then it is
advisable to
determine the attitude of your possible accreditation bodies before becoming
committed
to them as accreditor.
evaluation, and purchasers rely on the credibility of the supplier and on the
content of
the certificates provided to give confidence that the values quoted for the
reference
material are reliable. Whether the reference material comes with enough
information to
enable it to be classed as a certified reference material (CRM) or only as a
reference
material (RM) is a matter of interpretation. The basis of any particular suppliers
interpretation of the terms can normally be found in their catalogue. Note that in
the US
the terms NIST Reference Material or Standard Reference Material (SRM) are
generally
regarded as equivalent to CRM.
In practice, a reference material obtained from a reliable organisation, such as
NIST, the
EU Community Bureau of Reference (BCR) or the United Kingdom Laboratory of
the
Government Chemist (LGC), will be very widely recognised and can be regarded as
a
reliable basis for checking the accuracy of methods.
competent.
That there were auditable records showing that all of these criteria were being
met
on a routine basis.
Note, too, that the internal calibration would also have to be subject to an
evaluation of
its uncertainty by the laboratory just as though it were carried out by an external
accredited calibration service.
In practice, laboratories typically carry out some calibrations in-house;
thermometers,
spectrometers and simple equipment, such as pH meters and conductivity meters,
are
examples. However, more complex calibrations, and especially those requiring
expensive
references which are themselves expensive to recalibrate, are typically carried out
by
outside services. For example, balance calibration is quite complex, needs only to
be
done fully once a year and needs expensive weights which have themselves to be
calibrated annually. It is, therefore, more economical in most situations to use a
commercial calibration service.
Another point to consider is the question of adjustment of equipment found out of
calibration. This can be a skill in itself and may well be outside the capability of the
laboratory. Modern balances are a case in point. In these circumstances, the use of
a
service which calibrates and can, if necessary, service and adjust is likely to be an
attractive option.
Each laboratory must have a policy for determining calibration intervals, the object
being
to ensure that re-calibration takes place before the previous calibration has
deteriorated
to the point where the validity of the measurements is called into question.
To some extent, routine quality control checks will provide information which could
reveal instruments drifting out of calibration. However, wherever practicable, the
laboratory should institute a regime for verification of calibration of equipment
between
formal calibration intervals in order to detect unexpected drift or malfunction. This
is
particularly important for key items such as balances where a loss in calibration
would
have far reaching consequences.
Where it is not possible to carry out any simple routine verification to confirm that
calibration is maintained, the laboratory will have to rely on setting specific
calibration
intervals. In the first instance, the laboratory sets an initial calibration interval
based on
the manufacturer's recommendations, the heaviness of use of the instrument, the
accuracy required, the perceived risk of a loss of calibration and the magnitude of
the
The process may, conversely, provide evidence of the stability of equipment and
hence a
justification for reducing the frequency of calibration relative to the original
estimate.
Whatever the strategy for deciding calibration intervals, it must be consistent and
documented. It should also take into account that it is not unusual for accreditation
bodies to insist on minimum calibration intervals for some equipment, for example
balances, which are typically calibrated annually. In some cases, the accreditation
body is
prepared to consider relaxations to longer calibration intervals, but the laboratory
would
have to provide convincing evidence that data validity is not being compromised by
extending the interval.
It should also be borne in mind that some test methods, for example construction
materials testing, include requirements for verification of equipment calibration at
specific intervals. These intervals must be complied with or the test method will be
invalid.
All items must have a unique identifier which stays with them throughout their
time in
the laboratory. Although the standard does not actually require sample numbers, it
is
generally difficult to persuade assessors that, for example, using the clients
sample
description as an identifier provides unique identification. Bear in mind that the
uniqueness must be retained over the period for which the laboratory retains its
records,
so a system over which the laboratory does not have direct control is immediately
suspect as possibly leading to duplication.
For the same reason, it is not adequate to retain a numbering system which
repeats
cyclically. It is not uncommon for laboratories to set sample numbers to unity at
the start
of a calendar year since they only expect to keep samples for a very short period.
The
records, however, will have a much longer currency, which must be allowed for in
the
numbering system.
The numbering method can be chosen to suit the requirements of the laboratory,
but it
must be unambiguous. The laboratory sample number must be related to any client
identification details. The simplest way to do this is to record the laboratory
number and
the client's identification in the sample receipt records.
Both the laboratory number and the client's identification details will have to be
included
in any report sent outsee section 13.
requirements are passed to the person who will actually do the test or calibration
work.
This should normally be done in writing so that a traceable record is kept. This
requirement is met, for example, by the person allocating work completing a
worksheet
and passing it to the laboratory staff.
Once the work is complete, there must be a documented procedure showing how
the
data is checked and transcribed to the final report. It should be absolutely clear
who is
responsible for deciding whether the quality control criteria have been met and
who can
release the data.
There is no problem with having checks performed at different levels in the
management/technical structure, but the system must be clear and the quality
control
information must be recorded explicitly. A system where individual staff are given
the
initial responsibility of verifying that their data meets the quality control criteria is
perfectly acceptable provided the information necessary to ensure that the checks
are
performed consistently is available to all who carry out the checks. This may be
achieved,
for example, by including details of the acceptance criteria in the methods
documentation. However, the responsibility for the final release of data to clients
must
reside with clearly identified individuals.
possible, samples should be retained for a period after the report is issued in case
there
are any queries which might be resolved by re-test. In the case of some
determinands, of
course, this is impractical in any case so the laboratory should reserve the right to
dispose
of samples immediately if their retention makes no technical sense.
ISO 17025 specifies no minimum period for sample retention but one month after
report issue is widely used where it is technically meaningful to re-test a sample.
Clients
should be made aware, for example through the laboratorys standard terms of
business,
what the sample retention policy is so that there are no misunderstandings.
It should be clearly documented who may authorise sample disposal and all
disposals
should be recorded.
Page 72
loop can be closed, making it possible to check that the work was done by a
trained
member of staff, using appropriate methods, on correctly functioning and
calibrated
equipment.
The record must be complete so there should be no use of scraps of paper. All data,
calculations and observations must go on worksheets or in notebooks in non-water
soluble ink or ball point pen. Pencils and water soluble felt tip pens should be
banned
from the laboratory.
Corrections to notebooks and worksheets must be made in such a way that the
original
version can be read. The approved method is to cross out the original with a single
line
and write in the corrected version as near to it as possible. Corrections should be
initialled and should, ideally, carry a note explaining the reason for the correction.
Correction fluids should be banned from the laboratory completely.
11.3 Worksheets
Worksheets are the best strategy for the routine laboratory. There should be a
worksheet
for each test or group of related tests. The worksheet should not only provide
space for
recording results but should also require all calculations to be done on it. In fact,
wherever possible, the calculations should be laid out in outline ready for the
variables
and the results to be written in.
This should include all calculations, even those required to calculate dilution of
standards
and weights derived by difference. The object is to have as much information as
possible
to support quality assurance and to provide for error tracking. A well designed
worksheet
should also reduce the likelihood of errors.
Page 73
All entries must be initialled and all calculations should, wherever possible, be
checked
and initialled by the checker. The checking of all calculations is sometimes resisted
by
laboratories on the grounds that it duplicates work. ISO 17025 is specific in
requiring
calculations to be checked although it does not actually say that this must be by a
second
person. Whatever policy is adopted, the onus of proof will be on the laboratory to
demonstrate that there is not a substantial error rate in calculations. One possible
strategy
is to check a sample percentage of calculations and, hopefully, as a result to build
up a
body of evidence that errors are not being made. However, not all assessors will
find this
acceptable.
Finally, the worksheets should have space for signature by whoever is responsible
for
final quality control checks and a space to indicate pass or fail. This effectively
releases
data for inclusion in reports.
11.4 Notebooks
If notebooks are used, they must be properly controlled. They constitute the raw
data
record belonging to the laboratory.
Each book should be numbered. The laboratory manager should keep a record of
the
holder or use of each book. The books should have numbered pages so that a
record can
be referenced by notebook number and page and so that pages cannot be torn out
without being detected.
Staff should not be allowed to remove notebooks from the laboratory except for
field
work, and full books should be returned to management for archiving before a new
one
is issued.
If the notebook system operates in conjunction with worksheets, then the
worksheets
should have a section for recording cross references to notebooks: book number
and
page number.
Generally speaking, notebooks in isolation are not the ideal solution for use in a
routine
testing laboratory but can be a useful adjunct to worksheets.
One problem which can arise with notebooks and, for that matter, with worksheets
is
that staff, anxious to be neat and tidy, record data in rough and then copy it over
later.
Strictly speaking, this practice is not a non-conformance as such, provided the
rough
notes, which now constitute the raw data, are retained as part of the laboratory
record. It
would also be necessary to have checks on the accuracy of the transfer of the data
from
the rough notes.
It is preferable, however, for a laboratory to forbid this type of practice and to
insist
upon all data being recorded directly on worksheets or in official notebooks. This
ensures consistency in practice and leaves no ambiguity about what constitutes the
raw
data. It also eliminates a data transfer step, which is a potential source of error.
The printout must show the sample number and the operator of the instrument.
Ideally,
the operator should initial it to prevent misrepresentation.
Any other relevant paperwork produced should be traceable in the same way and
must
be marked with the sample number and the name of the person generating it.
Where instruments record data in computer files, these should, preferably, have
provision for recording the operator and the sample number to which the file
refers. If
this is not accommodated, it will be necessary to institute a record book which is
filled in
with the sample number, the operator and the computer file identifier.
Alternatively, the
same information might be accommodated on worksheets or in notebooks.
All computer files will need to be secured by appropriate backup regimes. See
section
12.9 for details.
Page 75
There should be a defined person who is responsible for authorising any software
to be
used in the laboratory. This person must ensure that it is checked to show that it
does
not corrupt data or other information before it is released for use. This
requirement must
apply not only to new software but also to any updates or modifications. The
responsible
person should be the laboratory manager or someone to whom the responsibility is
delegated by the laboratory manager.
There is no reason why staff cannot set up spreadsheets, for example to carry out
routine
calculations and data processing, but they must have these checked and
authorised before
use. It is not acceptable to have staff setting up ad hoc applications and using them
without their being accepted by the laboratory management as suitable for their
purpose.
One issue which must be addressed, however, is the question of whether
spreadsheets
and similar software which can contain set-up calculations may be corrupted and
so lead
to wrong results. Wherever possible, spreadsheets must be protected from
alteration by
using passwords reserved to the management. Where this is not possible, a set of
sample
data must be available, which can be loaded before the spreadsheet is used, to
check that
the calculated values are determined correctly.
In order to ensure that the system for controlling software is effective and can be
audited, each computer should have a log which shows the hardware and software
installed. Any new software or modifications to existing software, including new
releases
of commercial packages, should be recorded in the log with the date when they
came
into use. It is then possible to determine which version of the software was in use
at any
particular time, should an error need to be traced. There should be regular audits
of the
actual software installed against the log and any unauthorised software should be
removed.
Page 76
It is must also be possible to recreate the previous versions of any software in case
an
error or query arises and it is necessary to determine whether the software was
responsible. The simplest way to provide this backtracking facility is to ensure
that, at
each update, a copy of the previous version is retained on a removable medium
such as
tape or disc. Some larger commercial packages have a built-in facility to backtrack
and
The responsibility for providing the ability to backtrack to the previous version of
the software should be clearly agreed.
The responsibility for keeping the log of software and updates should be agreed.
There should be a clear mode and level of communication between the two
parties.
In particular, the network management must know who is authorised to request
software changes on behalf of the laboratory and must not respond to requests
from
unauthorised members of the laboratory staff.
Page 77
The arrangements for backing up the laboratorys data on the network must be
agreed. See section 12.9 for general guidance on backing up.
up a body of information that demonstrates that significant errors are not being
made.
A more fundamental problem arises with computers when it is possible to alter
data
without leaving a record of the alteration or of the original entry. This contravenes
basic
requirements that all alterations must be traceable to the person carrying them out
and
must be made in such a way that the original value is retrievable. Software
specifically
written for laboratory purposes usually incorporates an audit trail which logs
alterations
and the identity of the person making them through their user name. Such
software will
normally also retain a record of the original entry and may even require entry of
the
reason for making the change. Where there is an audit trail of this type, the
laboratory
will meet the requirements of the standard provided there is a mechanism for
monitoring
the audit trail as part of the quality checking procedure.
Software not designed specifically for laboratories is unlikely to contain this audit
trail
facility and so other steps may need to be taken. The simplest option is to make a
rule
that all alterations must be recorded in a paper log. This should show the identity
of the
person making the alteration, the date of alteration and the old and new values.
Ideally,
there should also be facilities to record the reason for the change. Such a system,
although simple, is not likely to be easy to present as compliant with the standard
since it
is, in most situations, unauditable. If someone makes an alteration to raw data in a
computer and fails to fill in the log, then the failure cannot be detected. On the
other
hand, if the raw data exists on a work sheet, there will either be a discrepancy
between
the work sheet and the computer record or the work sheet will show an alteration
to the
new value. In this case, the system is auditable and acceptable. Note here the
critical need
to be clear about what constitutes the raw data.
Page 78
If data in the computer can be protected by the software from alteration, for
example by
being given read-only status when entered, then the use of a paper log of
amendments is
much more secure. The laboratory should establish clear rules on who can
authorise
amendments to the data and they alone should be able to lift the read-only status
of the
data and make the amendment. The authorised person is responsible for filling in
the log.
Provided the authorisation for alteration of data is at a suitably senior level, the
assessors
are likely to be satisfied. An appropriate level would be at least senior technical
staff.
The discussion so far has been confined to raw data in computers, but the status of
data
changes as it moves through the laboratory and the degree of protection must be
greater
at each step. Raw data is first submitted to quality control scrutiny and, provided it
passes, is then available for incorporation into reports. Up to this point,
alterations,
subject to the requirement for an alteration record to be generated in some form,
may be
permitted to be carried out fairly freely. However, once data has passed the quality
control fence, only the most senior staff, normally the laboratory manager and
designated
senior professionals, should be able to authorise changes. This implies that data in
computers must be protected from unauthorised alteration, either by being made
readonly
or by transfer to computers physically accessible only to authorised persons. A
laboratory cannot comply with the requirements of ISO 17025 if quality controlled
data
can be altered freely by any member of staff, especially if no automatic audit trail
is
generated. It is also important to remember that the need to alter data after it has
passed
quality control automatically creates a situation where a quality incident, nonconforming
work, has occurred and corrective action will be required.
The situation escalates further once data has been released as a report. There
would be a
serious non-conformance if the laboratorys record of data failed to reflect the
report
content. Specific procedures must be followed when reports have to be amended,
and
the original and amended data must both be availablesee section 13.6. Once data
has
been reported, amendments to the laboratorys archive must only be allowed at the
highest level, by the quality manager and senior technical management, and so
data on a
computer must be totally protected from change by any other staff. It must also be
impossible to generate a new version of the original report with altered data
without
meeting the requirements of the standard for report amendmentsee section 13.6.
The
need for report amendments automatically requires a quality incident record and
corrective action.
Beware of falling into the following common trap: Data has been altered on a
computer
but not on the corresponding work sheet. If there is no record or audit trail for the
alteration on the computer, a serious non-compliance arises since it is impossible
to tell
which data is valid. An initialled alteration on the work sheet to bring it into line
with the
computer value would have solved the problem.
Most LIMS systems automatically stamp data entries with the identity of the
person
entering the data. The information is derived from that persons computer user
name
when they log on to the system. In this case, it is essential that the laboratory
enforces a rule that staff must only use terminals which they have logged into
under
their own name. They must not just use any terminal which happens to be logged
on
and available or the audit trail is destroyed. There should be an absolute rule that
no
terminals are left logged on and unattended; in any case, this has security
implications. In most systems it is possible to set terminals to log off automatically
after a period of inactivity. This should be exploited.
It is not unusual for LIMS to only identify the person entering data and to
designate
them as the analyst. In many practical laboratory situations, data may be entered
by
someone other than the actual analyst. The laboratory needs to be absolutely clear
about how to achieve an audit trail which identifies the person carrying out the
analysis. If analysts always enter their own data, then the LIMS can provide the
trail
very simply. If this is not the case, the laboratory has to recognise that it is the
person entering the data that the LIMS actually identifies, and must have some
other
means of providing the audit trail to the analyst, for example by initialling work
sheets. In many instances it is simply a matter of making the position clear and
communicating it properly, especially to assessors. Increasingly, LIMS permit
separate identification of the analyst and the person entering the data. This
provides
maximum flexibility and should be made available whenever possible.
only copy of the data is on computer, backup will need to be very frequent. A
common
strategy is for laboratories with LIMS to have dual disk drives on the main
computer or
network server, or even dual servers, and for all data to be recorded directly on
both.
This is further supplemented by regular tape or optical disc backups, sometimes
twice a
day.
Most laboratories are not so exposed, and a daily backup will be sufficient; a good
rule of
thumb is to ensure that all data is backed up at the end of each working day and
transferred to secure storage. This storage should be separated from the
laboratory area
by a fire break and, ideally, be provided with a fire proof safe designed for data
storage.
Fireproof safes designed for documents are not suitable since they reach too high
a
temperature to protect magnetic media.
If data has to be kept in the laboratory, then a data safe is essential and its use
must be
rigorously enforced.
When data is removed from on-line access, for example in order to regenerate
capacity
on the working computers, then two copies should be made and one stored off-site
or as
far from the laboratory areas as possible. The laboratory will need to be in a
position to
retrieve the archived data with reasonable ease, so it is advisable to ensure that
some
index of the archive is generated. Good LIMS systems will provide this
automatically and
will retain the index as part of the online system, enabling rapid identification of
the
location of the archived data for a particular sample.
The archive or backup medium can be any medium which is convenient. Tape or
floppy
discs are perfectly acceptable but the increasing convenience of optical storage,
for
example writable CD and DVD drives, is now proving popular and such a facility
should
certainly be seriously considered as part of an LIMS.
Page 81
speaking, the date of receipt is only required when it is critical to the validity of
the
results, for example if testing needs to be done within a certain time of sampling or
where samples or calibration items require conditioning before being worked on.
In
practice, there are few occasions where the date of receipt has no relevance, so it
is
recommended that it be incorporated routinely.
Page 82
6. Identification of the method used and any sampling plan or method which is
relevant to the data. These may be a direct reference to a standard specification or
may refer to a documented in-house method. In the latter case, a brief outline of
the
procedure, including any sampling methods, should be included. In practice, many
accreditation bodies permit a generic statement indicating that the laboratorys
standard procedures were used and offering the client a reference list on request.
7. A note of any deviations from a standard method and any environmental
conditions
which may bear upon the results.
8. The test or calibration results themselves with units.
9. The name, position and signature or other identification of the person accepting
responsibility for the report and the report's date of issue; it is recommended that
the
person accepting responsibility initials each page of the report where this is
practicable. It is up to the laboratory to decide who is identified as having
authority
to release data, i.e. sign reports. The onus will be to satisfy assessors that the
person(s) so authorised have the appropriate skills to evaluate the data.
10. Where relevant, a statement that the results only apply to the items tested or
calibrated. This is generally required in the case of product testing to prevent the
results being applied inappropriately in support of general product or batch
certification.
11. Preferably, a statement that the report shall not be reproduced, except in full,
without the written permission of the laboratory.
In addition to these general requirements, there are the following specific
requirements
for test reports:1. Details of any deviations from the standard test method and information on any
relevant factors such as environmental conditions.
2. Where relevant, a statement on compliance/non-compliance with requirements
or
specifications. The key test of relevance here is whether the client requires the
information. This will depend on the question asked by the client. If the request is
to
test for compliance with a specific requirement, then there is clear relevance. If
the
request is simply for data, then the statement does not have to be volunteered.
3. Where applicable, a statement of the uncertainty of the result; this is generally
regarded as applicable where requested by the client, when it is relevant to the
application of the test results and when uncertainty affects compliance with a
allows the client to estimate drift and perhaps to review calibration intervals.
5. Unless there is a legal requirement calibration reports should not carry any
recommendations on a re-calibration interval or date since this might be taken to
imply that the calibration has a specific time validity. Clearly the laboratory cannot
offer any such guarantee once the item calibrated leaves its custody. This
prohibition
is relaxed if the client asks for a recommendation, but the laboratory should make
it
clear at contract review and in the wording of the report that this is only a
recommendation and that no guarantees are being offered that the calibration will
remain valid for the stated period.
Other factors to be borne in mind when reporting are the inclusion of subcontracted
data in reports and the question of reports which contain results for work not
included in
the laboratorys scope of accreditation. The general principle enforced by
accreditation
bodies is that these results must be identified clearly and that the laboratory must
not
seek to misrepresent its scope of accreditation or to represent sub-contracted data
as
having been generated in-house. In the case of calibration laboratories, there is an
absolute requirement to supply the client with the report issued by a subcontractor, but
this is not required from testing laboratories. See section 15 for further discussion
of subcontracting.
ISO 17025 has nothing to say on the subject of reporting tests and calibrations not
covered by the scope of accreditation since it does not address the issue of limited
scope
of accreditation at all. Perversely, the standard is written on the assumption that
everything which the laboratory does is within the scope. This is rarely the case.
The
consequences of this deficiency in the standard are generally dealt with by
regulations
formulated by the accreditation body in order to prevent misrepresentation of the
scope
and hence the areas of activity which they underwrite.
Some accreditation bodies require that a minimum proportion of the results, for
example
50%, are within the scope of accreditation before their logo or reference to
accreditation
Page 84
can be used on the report. More commonly, a disclaimer, with clear marking of
nonscope
data, is permitted. However, if none of the reported data is within the scope of
accreditation, the logo of the accreditation body and/or reference to accreditation
may
never be used on the report.
Laboratories are required to be able to show that they have a documented basis on
which
professional judgements are made and that the qualifications and experience of
those
making them are appropriate.
Appropriate information would be references to any general requirements,
standards,
technical requirements or contractual specifications which are being used as a
basis for
the judgement. In the case of judgements based on individuals professional
experience,
assessors will need to be satisfied, on the basis of the staff records, that the person
making the judgement is appropriately qualified. Wherever possible, laboratories
should
have guidelines for any routine interpretations and judgements which have to be
made in
order to ensure that they are made consistently over time and by different
individuals.
only authorised persons can generate reports. It is also essential to ensure that,
once a
report has been generated, it is not possible for an unauthorised person to alter
the data
in the computer and then to generate a changed version of the report. The security
must
be such that the rules for report amendment discussed in section 13.6 are
observed,
which effectively means that once a report is issued to a client the laboratorys
copy, even
if a computer file, must never be altered. Amendment requires that a completely
new
report is issued. The security can be achieved physically but assessors will
normally
expect to see appropriate software protection. Section 12 deals specifically with
the use
of computers and ways of providing appropriate safeguards.
The format and content of reports will come under very close scrutiny by
accreditation
bodies. It is the report, after all, which carries the accreditation bodys logo and,
hence,
its stamp of approval. It is in the interests of neither the accreditation body nor the
accredited laboratories that this approval appears on an inadequate document.
Page 85
original report cannot be destroyed and expunged from the system to be replaced
by an
extended or corrected version. A completely new report must be issued which
complies
with all of the normal reporting requirements, and it must be endorsed to show
that it is
an amendment, supplement or complete replacement of the previous version. The
laboratory must retain copies of the original and the amended versions as part of
its
archive. Particular care is needed when report archives are computerised to
ensure that
the new version does not overwrite and obliterate the original.
A need to issue an amended report will imply a prima facie quality failure
nonconforming
workand will need investigation and corrective action.
Do you take steps to control the quality of any purchased goods or services which
might affect
the validity of your data?
Do you have a list of approved suppliers and a policy on their selection ?
Do you keep this list under review and remove any suppliers found to be
inadequate from a
quality perspective?
Do you have a system for checking all received materials against the order
specifications?
14.2 Requirements
The general requirement is that, where the quality of any outside services or
supplies may
have an impact on the quality of the data or calibrations emanating from the
laboratory,
there must be procedures to ensure that the quality of the services or supplies is
adequate
and consistently so.
The two extremes of an approach to quality of supplies and services are for the
laboratory to check everything on receipt or for only approved, preferably certified
or
accredited suppliers, to be used and checks to be dispensed with. In practice,
elements of
both extremes will be used. Laboratories have approved and trusted suppliers but
also
carry out checks, often as an integral part of methods, for example reagent blanks
or
calibration checks.
The onus will be on the laboratory to demonstrate to assessors that it controls the
quality
of any input, service or supply which could impact data quality.
In practice, the approved supplier position under ISO 17025 is not nearly so big an
issue
as it is under ISO 9001 since test and calibration methods generally contain quality
control checks which, indirectly at least, monitor materials and services obtained
outside.
No laboratory is, for example, likely to want to argue that running checks, such as
reagent blanks, can be dispensed with on the basis of the suppliers specifications
for a
reagent, however impeccable the suppliers quality management certification.
It is when such checks are statistical that the laboratory has to be careful about
assessment of suppliers, for example where, rather than running a blank each time
a
method is run, a batch of reagent is sampled and checked for suitability on receipt.
The
level of checks applied will then need to be defended and the quality assurance
capabilities of the supplier will then be an issue. This may even mean different
levels of
checking being applied to the same materials obtained from different sources.
where appropriate, a list of the goods or services which each is approved to supply.
There should be a policy for approving suppliers which is normally administered by
the
quality manager. The policy should state that, wherever possible, the laboratory
will use
suppliers who hold ISO 9001 certification for their quality system, or relevant
product
Page 87
evidence. In such cases, the quality manager should prepare a brief report on the
supplier
which details the history of use and which shows any supporting evidence for their
acceptance. The key point from an assessment point of view is that the laboratory
will
have to convince the assessors that it has information about the suppliers ability
to
maintain quality and so can deal with any local checks needed before goods or
services
are released for use.
Do you evaluate the suitability of any sub-contractors used against a defined set
of criteria?
Do you have a list of these approved sub-contractors?
Do you have a mechanism which ensures that the use of any sub-contractors
found
unsatisfactory is discontinued ?
Do you obtain clearance from clients before sub-contracting work?
the client insists on a particular subcontractor. This is the key requirement and it
implies
that the laboratory investigates and approves its sub-contractors, as described in
section
15.2.1.
The overall need is to satisfy assessors that sub-contractors are selected after
careful
investigation and that the laboratory takes a responsible attitude to their selection
and
continued use. In practice, accreditation bodies do not apply this requirement with
great
rigour and they are reasonably understanding of commercial sensitivities.
Sub-contracting should be covered by contract review as discussed in section 7.3.
This
also takes care of the requirement in the standard to ensure that the client is
aware of the
arrangement, although it should be noted that ISO 17025 specifically requires that
the
client be informed in writing of the arrangements for sub-contracting.
In the case of reporting work from sub-contractors, a testing laboratory must
simply
acknowledge that it has been sub-contracted but calibration laboratories are
required to
supply the client with the sub-contractors report or certificate. There is no
absolute
requirement to notify the client of the identity of the sub-contractor, although the
requirement for calibration laboratories to pass on the sub-contractors certificate
rather
negates this. Testing laboratories can, however, reserve this information.
15.3 Administration
There should be a clearly stated policy on who may authorise sub-contracting. This
is
normally the laboratory manager. This person should have the responsibility of
checking
that the sub-contractor is on the approved list and should have the authority to
refuse to
authorise the sub-contracting if a non-approved sub-contractor is requested.
The laboratory manager should review the performance of sub-contractors on a
regular
basis, and at least annually, and report any problems to the quality manager for
investigation.
Page 91
audits and assessments of the quality system. It is, therefore, important that the
manual
describes the system as it is actually operated. It must be a working document and
not a
description of an ideal world.
Be particularly careful that you cover all eventualities. If you assign a
responsibility to a
post holder, remember that they may not always be available. The manual will need
to
provide an alternative, such as a deputy or another point of reference, in these
circumstances. There should be a statement that all responsibilities ultimately
revert to
the laboratory manager who may delegate them again if necessary. The laboratory
should
always try to ensure that the laboratory manager and his or her deputy are never
absent at
the same time.
Another important point to remember is that responsibility and authority go
together.
Whenever you assign a responsibility you must also assign the appropriate
authority. In
the context of quality management this may involve giving a quality manager
authority on
quality matters over a line management superior. The superior, in supporting the
quality
policy, should respect this authority.
You should be careful in writing the manual not to create procedures and policies
which
are bound to fail. Within the limits of the standard, give yourself as much flexibility
as
possible. You may describe preferred courses of action but allow alternatives under
defined circumstances provided that it is clear who has the authority to permit the
alternative to be taken.
For example, a supplier policy may state that the preferred suppliers would be ISO
9001
certified but that alternatives may be used where the goods are not available from
such
an accredited supplier. The policy might then go on to state that the quality
manager may
give approval for the use of an alternative provided that the goods are checked
before
being used.
The next sections give one suggested outline for a quality manual that describes an
ISO
17025 compliant system, with some notes on the contents of each section. It is not
essential that the information described appear explicitly in the manual. Subsidiary
documentation can be used and referred to. Be careful, however, not to create an
unnecessarily complex documentation structure as this will be difficult to maintain.
Another trap to avoid is that of duplicating information across different documents
since
Page 92
it is difficult to ensure that the versions in the various documents are all
maintained
together and remain consistent.
Finally, remember that an assessment will be against your quality documentation
in
addition to against the standard. This means that if you make a commitment in
your
documentation which goes beyond the requirements of the standard and then fail
to
meet it you will still have a non-conformance, even if what you are actually doing is
within the standard.
For example, ISO 17025 requires an annual review of the quality system. If you
were to
enter a commitment to a six-monthly review in your quality manual but what you
actually
do is review annually, you would be meeting the standard but would still have a
nonconformance
against your documentation.
The rule is not to commit to anything beyond the standard, even if you intend to go
beyond the standard. In the example given, the quality manual should say that you
will
review at least annually. This gives you flexibility and conformance with the
standard.
explicitly give authority to the laboratory manager and the quality manager to
implement
and operate the quality system. It should also require all personnel to familiarise
themselves with the quality documentation and to follow its requirements at all
times.
The policy statement should be followed by a reference to any accreditations held
by the
laboratory and a reference to an appendix containing the scope of accreditation or
the
scope which is the basis of any pending application for accreditation.
This section should show the internal organisation of the laboratory and the
relationship
between the laboratory and any organisation of which it is a part. It is a good idea
to
include organisational charts. These charts should show that the quality manager
has
access to the highest level of management and to the laboratory manager.
Each level of staff should be described, with an outline of the level of experience
and
qualifications required to fill each grade. The object of this is to set a minimum
acceptable level of expertise at each level which the laboratory undertakes to
maintain,
Page 93
but the description should allow sufficient flexibility to admit staff with specialised
but
narrow capabilities, where required.
The supervisory requirements at each grade should be defined, for example an
assistant
chemist must always work under the direct supervision of a chemist or higher, and
the
limits of responsibility and authority of each grade should be clearly explained.
There should be a statement of the policy on the use of staff undergoing training
and a
requirement for their direct supervision.
Reference should be made to the staff records or equivalent source as containing a
list of
the current post holders.
This section should contain full job descriptions of key staff. This must include the
laboratory manager and the quality manager and their deputies. It should make
clear what
the responsibilities of each post are and what functions each performs.
Any other key posts should be included. Some laboratories, for example, assign
duties to
a calibration officer who is responsible for calibrating all instruments and
maintaining
reference standards.
This section must define precisely, either by name, seniority or post, the individuals
who
are authorised to take responsibility for the laboratory's data. Only these
individuals may
authorise the release of work and sign test/calibration certificates.
This section should make clear exactly who may accept work and commit the
laboratory
to a delivery date. It should state that the person accepting the work is under an
obligation to ensure that the laboratory has the equipment and expertise to do the
work
and that they must not enter into a commitment unless they can be certain on this
point.
The formal contract review process can be described here.
The structure of the quality documentation should be defined. This will normally be
a
hierarchy, headed by the quality manual, which refers to the methods manual or
equivalent technical and other procedural documentation.
Reference should be made to the subsidiary records and documentation such as
the
equipment logs and the staff records.
The purpose of each piece of documentation must be defined as well as the person
responsible for maintaining it and authorising it to be issued. The availability of
each
document should be stated, for example whether it is issued and to whom, in
whose
custody it is kept, where it is kept and who has right of access.
There should be an instruction to all staff to abide by the documented procedures.
This
should be qualified by allowing, for example, the laboratory manager to permit
departures from documented procedures where technical considerations make this
expedient, provided that he or she is confident that quality will not be undermined
as a
result. There must be an instruction that all such departures must be recorded and
noted
on reports, where relevant.
Page 94
The controlled document system should be described and the responsibility and
authority of the quality manager in this respect defined.
This should state the laboratory's policy to use internationally recognised methods
wherever possible, supplemented by fully validated and documented in-house
methods.
This section should also include or refer to a list of typical sources for methods
There should be a description of the procedure for introducing a new method. This
will
generally involve the laboratory manager in arranging to validate and document
the
method. The quality manager should approve the validation and documentation
before
the laboratory manager releases the method. An outline of the format for in-house
documented methods should be given, and a procedure for the withdrawal or
amendment of a method described.
This section should list the major items of equipment which the laboratory
operates and
the reference standards held. This can be expressed in general terms and
reference made
to the equipment logs as a full inventory. The format and operation of the
equipment
logs should be described and the procedure for checking and accepting a new
piece of
equipment into service, as well as the procedure for the withdrawal of equipment.
There should be a general statement of the policy to calibrate at intervals such that
the
integrity of measurements is not set at risk. The preferred procedure for
determining
calibration intervals should be stated. Reference should be made to the procedural
documents which describe instrument calibrations.
The procedure for labelling equipment which requires calibration should be
described
and instructions not to use equipment which has an expired calibration must be
given.
A general responsibility should be placed on all staff to ensure that any instrument
or
piece of equipment which they suspect is out of calibration is not used until
checked.
The equipment must be clearly labelled as suspect and not to be used. The problem
should be brought to the attention of the laboratory manager.
Page 95
This section should describe the laboratory's policy and procedures on the
determination
of method performance validation and on assessing uncertainty of measurement..
There should be a description of procedures to be used at initial validation of
methods
and a description of the responsibility of the laboratory manager for updating the
information on the basis of QC data.
The section should also give guidance on the general policy of the laboratory on
the
frequency of running QC samples, spikes and duplicates.
The procedure to be followed when a suspicion that faulty data has been released
should
be described. This will normally require investigation by the laboratory manager
and
quality manager and probably an audit. Corrective action would also normally be
required.
The laboratory's policy to inform clients as soon as possible of suspect data must
be
stated with a commitment to check the data and, if necessary, to issue an amended
report.
This section should have a complete description of the laboratory's procedures for
receiving, storing and recording samples, sample numbering and labelling,
allocation of
work, recording of results, quality checking of results, preparation of reports and
issuing
reports.
In writing this section try to describe in a systematic way the manner in which
samples
and results are managed through your laboratory. Pay particular attention to how
the
clients' requirements are communicated to the bench workers and how the bench
workers pass the results back to the reporting process.
This section should describe the use of worksheets and/or notebooks. Instructions
on
the use of ink and the way of making corrections should be given.
The laboratory's policy on the length of time samples are kept should be stated, as
should
the policy on disposal, with a commitment to the responsible disposal of toxic
materials.
Page 96
16.2.19 Records
The laboratory policy on the retention of records should be stated and the
procedure to
be followed in disposal of records must be given. This should define who may
authorise
disposal and require that an inventory be kept of the records disposed of.
The policy on security of records, including computer data, must be stated, and the
person responsible for archiving and computer back-up identified.
The minimum requirement for the contents of a report should be given (see section
13.2)
and an example of the preferred layout included.
The requirement to identify sub-contracted results must be stated. Where the
laboratory
holds accreditation there must also be a stated procedure for identifying results of
methods not included in the accreditation scope.
The procedure for retaining confidentiality when reporting results other than by
post
should be set out.
Where reports have to be amended there must be a statement that this can only be
done
by the issue of a complete new version with an endorsement such as Amendment
to
Certificate No.......
16.2.22 Confidentiality
The operation of the staff records must be described including their use for
recording
new staff and changes in the training or status of existing staff.
The mechanism for selecting staff for training, carrying out the training and
assessing
competence and for issuing authorisations to carry out tests, calibrations and other
procedures should be described.
The mechanism for an annual review of staff capabilities must be laid out and the
means
of recording the results.
Page 97
All of the procedures for the audit and review of the quality system should be
described
together with the records to be kept, and the policy on frequency of audits and
review
included.
The procedure for agreeing and recording corrective action should be described,
as well
as a description of the procedure for follow-up to ensure corrective action is
complete
and has been effective.
The laboratory premises should be described and, ideally, a plan included. This
section
should also draw attention to any parts of the premises to which access is
restricted and
who is authorised to grant access, and should describe any areas subject to special
environmental controls as well as the mechanism for monitoring, recording and
maintaining such control.
Where laboratories conduct activities which are incompatible, for example trace
and high
level analysis for metals, there should be a description of the facilities provided to
ensure
the necessary segregation.
This section should describe the arrangements for the security of the premises
during
and outside working hours, identify the persons authorised to hold keys, describe
the
procedure for granting authorisation, and identify the person with overall
responsibility
for security.
16.2.29 Appendices
Bibliography
Deals with the role of reference materials in measurement science and the
procedures for their certification.
Many of the procedures are equally applicable to the calibration of secondary
references against certified
references, so it provides useful guidance for laboratories preparing their own inhouse quality control
standards. It is particularly useful in the area of homogeneity testing.
ISO Guide 33: 1989; Guide to the use of certified reference materials.
Covers the use of certified reference materials in assessing the performance of a
method. It also has an
interesting section on how practical measurement scales are realised.
Useful websites
www.ilac.org
This website describes fully the workings of international recognition of
accreditation and also has a wide
range of guidance documents for laboratories and accreditation bodies, which can
be downloaded.,
www.ukas.com
UKAS is the United Kingdom laboratory accreditation body. They have all of their
technical guidance
documents available for free download. These are a useful source of information for
laboratories needing to
achieve technical compliance with ISO 17025 in a wide range of areas of expertise.
www.lgc.co.uk
Laboratory of the Government Chemist, United Kingdom; has a collection of
downloadable catalogues of
reference materials and a searchable database of reference materials. The
database is not comprehensive,
however, and the catalogues should also be consulted. Also has contact information
about where you can
buy the publications mentioned above.
www.eurachem.ul.pt/index.htm
Useful source of guidance documents which can be downloaded free. These include
the guide to uncertainty
of measurement mentioned above.
www.eptis.bam.de
Searchable database of proficiency testing schemes in Europe. Many schemes
operate globally. Note that
the EPTIS database is not screened in any way, so look carefully as some schemes
are neither frequent
nor very active.
http://www.fasor.com/iso25/
Very useful page with links to all kinds of ISO 17025 related issues, helpful sites and
national
accreditation bodies.
Page 100
Appendix: Self-examination
With each question, tick one of the boxes numbered 1 to 4, based on the following
code:
1 No we do not meet this requirement at all.
2 We meet some parts of this requirement.
3 We meet most parts of this requirement.
4 We meet this requirement fully.
The numbers in brackets in the questionnaire refer to the relevant clauses in ISO
17025:1999.
The higher your total score on this questionnaire, the less you will have to do to
become
compliant. However, this questionnaire is only intended to form an initial
assessment in
key areas and does not cover the whole of ISO 17025, so even if your answers are
all 4s
this does not mean that you already complybut you are very well placed to make
the
final adjustments. The maximum score is 204 by the way !
ISO 17025 is very much a standard to which you adhere by your own efforts. You
document how you will meet the requirements of the standard and how you will
manage
your activities to maintain compliance. You then commit to monitoring your own
compliance through audit and related activities and to taking corrective action
when you
move out of compliance.
When you are assessed, the accreditation body will, of course, determine whether
you are
compliant on the day of assessment. However, the assessors will be far more
interested
in satisfying themselves that you have a robust management system which will
maintain
compliance on a routine basis. The assessors normally visit only once a year so the
steps
which you take to maintain and monitor compliance between visits are a key issue
with
them.
A well managed quality system should pay for itself by reducing the amount of retesting
or re-calibration a laboratory needs to do and by improving its clients confidence
and
hence its success as a business.
Page 101
Self-examination questionnaire
Note that the definition of document in ISO 17025 is extremely broad. Please refer to
ISO
17025: 1999, 4.3.1 Note 1 for a full list.
1
Organisation
Are there documents available that give work instructions so that staff
have a source of reference to enable them to conduct their work
properly and consistently?
Are all documents1 controlled, which means can you answer yes to
the following:
Are all documents giving instructions or used to record data authorised
by defined management personnel?
Is a record of the issue of all documents kept and procedures adopted
so that, when amendments are made, every copy can be retrieved to
be updated?
Page 102
Do clients know how to contact you and who to speak to about the
progress of their work?
Do you follow up complaints from clients and learn from them so that
you can take steps to ensure that the problem does not happen again?
Do you ensure that the corrective action taken addresses the root cause
of the problem, i.e. do you think that you normally make it unlikely that
the problem will happen again?
Do you follow up to ensure that the corrective action has been
Page 103
Records (4.12)
Do you carry out and record regular inspections to check that the
procedures which you have defined and documented are, in fact, being
followed?
Does senior management carry out reviews to determine whether the
quality system continues to meet the needs of the organisation?
Personnel (5.2)
Do you have appropriate numbers and types of staff so that work can
be carried out without having to rush so much that quality may be
compromised?
Do you formally check if all persons performing technical functions
possess the required educational/professional qualifications and
experience?
Are there clearly defined job descriptions set out for each of the
persons working in the laboratory?
Page 104
Reporting (5.10)
The basic required contents of a report are as follows:(a) Name and address of the laboratory;
(b) Name and address of client;
(c) Unique identifier of certificate or report (such as serial number);
(d) On each sheet of the certificate or report, a unique form of sheet
Page 106